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Ruling  Resolves 
User  Uncertainty 

Microsoft  rivals  angered  by  judge’s 
‘rubber  stamping’  of  DOJ  settlement 


BY  PATRICK  THIBODEAU 

WASHINGTON 

Microsoft  Corp.  is  no  longer 
facing  its  worst  fear:  the  un¬ 
bundling  of  Windows.  And 
it’s  on  firmer  ground  to  plan 
product  strategies  as  a  result 
of  last  week’s  court  ruling. 

Microsoft  isn’t  out  of  danger 
—  the  company  faces  legal  ac¬ 
tion  in  Europe  and  private  an¬ 
titrust  cases.  But  U.S. 

District  Court  Judge 
Colleen  Kollar-Kotel- 
ly’s  decision  Friday 
came  down  so  decid¬ 
edly  in  favor  of  the 
company  and  the  set¬ 
tlement  reached  with 
the  U.S.  Department 
of  Justice  that  further 
legal  challenges  by  the  nonset- 
tiing  states  are  unlikely. 

Microsoft  can  therefore 
operate  with  a  greater  degree 
of  certainty  with  customers, 
business  partners  and  competi¬ 
tors.  And  that  knowledge  came 
none  too  soon  for  some  users. 

“We  all  know  Microsoft  isn’t 
perfect.  IBM  is  not  perfect.  No 
one  is  perfect.  I  want  it  to  be 
over,”  said  Steve  Sommer,  CIO 
at  Hughes,  Hubbard  &  Reed 
LLP,  a  law  firm  in  New  York. 

Sommer  said  his  chief  con¬ 


cern  is  that  the  decision  “does¬ 
n’t  slow  down  research  and  de¬ 
velopment  and  the  innovation” 
that’s  due  with  Microsoft’s 
Trustworthy  Computing  initia¬ 
tive  and  .Net  technologies. 

Other  users  lashed  out  at 
the  ruling. 

“Obviously,  we  would  like 
[Microsoft]  to  open  as  much 
code  as  possible  to  keep  com¬ 
petition  alive,”  said 
Rick  Peltz,  CIO  at 
Marcus  &  Millichap 
Real  Estate  Invest¬ 
ment  Brokerage  Co. 
in  Encino,  Calif. 
“What  it  sounds 
like  to  me  is  [the 
judge]  chose  not  to 
do  anything”  after 
delaying  the  original  settle¬ 
ment  for  a  year. 

Kollar-Kotelly  in  fact  gave 
little  to  the  states,  and  rejected 
all  their  major  remedy  de¬ 
mands,  including  making  In¬ 
ternet  Explorer  open-source 
and  porting  Office  to  rival 
operating  systems. 

Groups  representing  com¬ 
petitors  were  disappointed 
with  the  outcome. 

“It’s  a  rubber  stamp,”  said 
Ed  Black,  who  heads  the  Com- 
Microsoft,  page  6 
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IBM  Throws 
Weight  Behind 
Utility  Model 

But  users,  analysts  caution  that  road  to 
‘on-demand’  computing  will  be  rough 


BY  JAIKUMAR  VIJAYAN 

NEW  YORK 

IBM’s  $10  billion  “on-de¬ 
mand”  initiative  announced 
by  CEO  Samuel  J.  Palmisa- 
no  here  last  week 
echoes  efforts  by 
rivals  to  help 
companies  deploy 
IT  as  a  utilitylike 
service  that  can 
quickly  expand  or  contract 
with  business  needs. 

But  getting  to  such  a  flex¬ 
ible  —  and  ostensibly  more 
cost-effective  —  architec¬ 
ture  will  take  time  and  re¬ 
quire  a  radically  different 
approach  to  buying  and 
using  computer  systems, 
users  and  analysts  said. 

“This  is  all  wonderful  to 
talk  about  in  theory,”  said 


David  Krauthamer,  MIS 
director  at  Advanced  Fibre 
Communications  Inc.,  a 
manufacturer  of  telecom¬ 
munications  equipment  in 
Petaluma,  Calif. 
But  in  reality,  the 
task  of  moving  to 
it  is  “incredibly 
complex,”  Kraut¬ 
hamer  added. 

Still,  the  concept  is  an 
alluring  one. 

“Companies  are  tired  of 
making  one-off  investments 
in  IT,”  said  Ted  Schadler, 
an  analyst  at  Forrester  Re¬ 
search  Inc.  in  Cambridge, 
Mass.  As  a  result,  “there  is  a 
shift  going  on  toward  a 
commoditization  of  the  in¬ 
frastructure,”  he  said.  “It’s 
On-Demand,  page  61 


Economics 
Guiding  IBM 

Declining  revenue, 
commoditization 
lead  to  new  strategy 

BY  JAIKUMAR  VIJAYAN 

CEO  Samuel  J.  Palmisano’s 
plan  to  steer  IBM  on  a  new 
course  comes  at  a  crucial 
time  for  the  company. 

Though  IBM  is  perceived 
to  be  faring  better  than  its 
struggling  rivals  in  the  cur¬ 
rent  sluggish  economy,  it’s 
facing  many  of  the  same 
challenges,  analysts  said. 

Revenue  has  been  declin¬ 
ing,  and  profits  have  been 
coming  under  growing 
pressure.  Though  the  com- 
Economics,  page  61 


OUR  TAKE 

Kick  the  tires  hard 
on  this  one,  says 
Maryfran  Johnson. 


No.  2  Bank  May  Outsource  IT 


Sources  say  IBM  or 
EDS  could  win  J.P. 
Morgan  Chase  deal 

BY  THOMAS  HOFFMAN 

Sources  last  week  said  J.P. 
Morgan  Chase  &  Co.  is  weigh¬ 
ing  a  decision  to  outsource  the 
bulk  of  its  IT  operations,  a 
deal  that  one  insider  noted 
could  rank  second  in  size  and 


scope  to  the  $40  billion  con¬ 
tract  signed  in  1996  by  General 
Motors  Co.  and  Electronic 
Data  Systems  Corp. 

Six  sources,  including  two 
IT  managers  at  New  York- 
based  J.P.  Morgan  Chase,  said 
outsourcing  discussions  are  in 
progress  at  the  nation’s  No.  2 
bank.  Multiple  sources  identi¬ 
fied  IBM  and  Plano,  Texas- 
based  EDS  as  the  top  two  con¬ 


tenders  for  the  contract. 

One  data  center  manager  at 
the  bank,  which  has  $742  bil¬ 
lion  in  assets,  said  senior  exec¬ 
utives  have  “gone  back  and 
forth”  on  the  possibility  of 
outsourcing  IT  over  the  past 
few  months.  “One  month 
we’re  about  to  move  forward 
with  it,  and  the  next  month  it’s 
put  on  hold  again,”  the  manag¬ 
er  said.  Like  the  other  sources, 
he  asked  not  to  be  identified. 

A  database  administrator  at 
J.P.  Morgan,  page  16 
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Make  every  step  count  for  more. 


Nokia  security  appliances  simplify  network  security. 

Pre-installed,  pre-configured  and  ready  to  go. 

Whether  they’re  being  used  for  VPNs,  firewalls,  intrusion  protection,  or  Internet 
traffic  management,  Nokia  appliances  are  delivered  ready  for  implementation. 
They’re  compatible  with  any  IP  network.  Often,  the  only  on-site  requirements 
are  powering  up  the  appliance,  connecting  it  to  the  network,  and  entering  the 
correct  IP  address. 

Nokia  security  appliances  are  designed  for  full  remote  management. 

Easy-to-use  GUI-based  interfaces  offer  a  full  overview  of  security  deployment,  or 
a  drill-down  to  the  details,  anytime.  Deep  collaboration  with  partners  like  Check 
Point  Software  Technologies,  Internet  Security  Systems  and  F5  helps  coordinate 
all  the  capabilities  of  their  applications.  So  our  customers  can  respond  to  internal 
and  external  threats,  by  upgrading  or  redeploying  their  equipment,  quickly  and 
more  easily  than  ever  before. 

First  Call-Final  Resolution  support  eliminates  the  usual  finger-pointing. 

It’s  another  way  that  our  ongoing  partnerships  give  our  customers  greater  peace  of  mind. 
To  download  case  studies,  details  and  more,  just  visit  www.nokia.com/ipsecurity/na. 
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It's  so  far  forward,  it's  a  shame  to  call  it  backup. 

Apparently  the  word  is  out  everywhere.  BrightStor™  ARCserve®  Backup  is  among  the  most  reliable  and  widely  used 
backup  solutions  in  the  world.  In  fact,  hundreds  of  thousands  of  people  rely  on  BrightStor  ARCserve  Backup 
technology  to  protect  their  critical  servers.  Now  we've  created  BrightStor™  ARCserve®  Backup  v9,  the  most  advanced 
version  ever.  As  part  of  the  BrightStor™  line  of  storage  management  solutions,  BrightStor  ARCserve  Backup  v9  is  amazingly  powerful  yet 
one  of  the  simplest  to  use  and  easiest  to  install  solutions  out  there.  In  fact,  most  users  can  perform  their  first  backup  within  20  minutes 
of  start-up.  And  that  means  it's  the  perfect  backup  software  choice  for,  well,  just  about  everyone.  ca.com/brightstor/arcserve9 


ARCserve  v9 
is  here 


BrightStor™  ARCserve®  Backup 
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Q&A:  Jump  Ball! 

In  the  Management  Section:  For  John 
McKinley,  CIO  at  Merrill  Lynch,  every 
IT  service  is  a  “jump  ball”  that’s  up  for 
grabs,  and  managing  strategic  service 
providers  is  a  new  core  competency. 
Page  46 


A  View  to  Savings 

In  the  Technology  Section:  Signifi¬ 
cant  cost  reductions  can  be  gained 
by  having  a  real-time  view  of  op¬ 
erations  through  data  integration, 
say  manufacturers  that  have  im¬ 
plemented  the  approach.  Page  29 
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6  IT  managers  should  look  be¬ 
yond  cutting  costs  to  prove 
the  worth  of  technology 
investments,  say  CIOs. 

6  A  set  of  wireless  LAN  secu¬ 
rity  specifications  announced 
by  the  Wi-Fi  Alliance  com¬ 
pletes  an  initiative  started  by 
Microsoft  and  other  vendors. 

7  More  companies  are  expect¬ 
ed  to  create  central  applica¬ 
tion  integration  teams  during 
the  next  three  years. 

7  BEA  Systems  today  ships 
software  that  can  be  used  to 
gain  access  to  and  view  data 
from  disparate  systems. 

8  NIST  releases  a  set  of 

security  guidelines  for  federal 
agencies  that  it  says  can  also 
be  used  by  the  private  sector. 

8  Changes  are  coming  for 

ICANN  as  it  tries  to  ease  the 
tension  in  its  ranks. 

10  Cybersecurity  czar  Richard 
Clarke  wants  federal  funding 
for  research  aimed  at  improv¬ 
ing  Internet  protocols. 

12  Oracle  beefs  up  its  presence 
at  its  independent  user  group 
conference,  where  users  differ 
on  whether  the  company  has 
improved  support. 

12  Attendees  at  Storage  Net¬ 
working  World  say  multiven¬ 
dor  SANs  can  provide  big  fi¬ 
nancial  returns.  But  managing 
them  isn’t  easy,  they  caution. 

16  Nortel  Networks  unveils  a 
new  marketing  strategy. 


TECHNOLOGY 

32  Field  Report:  Unified  Messag¬ 
ing  Boosts  Productivity.  Cen¬ 
tralized  access  to  fax,  voice 
and  e-mail  messages  creates 
efficiencies,  but  unified  mes¬ 
saging  systems  require  sub¬ 
stantial  infrastructure 
changes. 

36  QuickStudy:  Scale-Free 
Networks.  These  networks, 
which  include  the  Internet, 
differ  from  random  networks 
in  that  some  of  their  nodes  are 
very  connected  hubs,  a  fact 
that  changes  the  way  the  net¬ 
work  operates,  decays  and  re¬ 
sponds  when  attacked. 

38  Security  Journal:  Experts 
Stumble  on  PKI  Security 
Project.  Vince  Tuesday’s 
attempt  to  rework  his  compa¬ 
ny’s  public-key  infrastructure 
demonstrates  that  even  high- 
priced  hired  guns  should  be 
carefully  evaluated. 

MANAGEMENT 

43  Case  Studies:  Beyond  Cool. 

Cost-conscious  IT  managers 
are  deploying  cheaper,  easier- 
to-use  PDAs  to  perform  criti¬ 
cal  tasks.  Analysts  expect 
PDA  use  for  business  applica¬ 
tions  to  increase  significantly 
during  the  next  18  months. 

52  Trading  Places.  Looking  to 
better  merge  business  and 
technology  objectives,  more 
companies  are  cross-training 
their  employees  to  the  point 
where  it’s  not  always  easy  to 
tell  the  sales  representatives 
from  the  IT  pros. 


OPINION 

10  On  the  Mark:  Mark  Hall  un¬ 
covers  new  products  from 
Ariba  and  Closedloop,  among 
others,  and  chats  with  a  critic 
of  Salesforce.com. 

24  Maryfran  Johnson  counts 
three  vendors  that  now  tout 
the  next  new  thing  —  utility 
computing.  She  advises  you 
to  guard  your  wallet. 

24  Pimm  Fox  looks  closely  at  the 
“free”  tools  in  IBM’s  Alpha- 
Works  project. 

25  Michael  Gartenberg  offers 
four  ways  to  turn  even  dis¬ 
gruntled  users  into  your 
biggest  boosters. 

40  Robert  L.  Mitchell  asks  why 
Microsoft  doesn’t  make  the 
Windows  2000  Professional 
Gold  Standard  baseline  secu¬ 
rity  template  part  of  its  install 
default. 

54  John  Berry  says  deploying 
new  systems  entails  changes 
in  workflows,  business  proc¬ 
esses  and  job  responsibilities, 
all  of  which  should  be  figured 
into  the  initial  business  case 
for  the  IT  investment. 

62  Frank  Hayes  reminds  us  that 
even  journalists  can  find  un¬ 
linked,  proprietary  informa¬ 
tion  on  Web  servers  when 
companies  don’t  take  simple 
precautions  to  protect  it. 


DEPARTMENTS/RESOURCES 


News  Briefs  . 10,14 

Letters . 25 

Company  Index . 60 

How  to  Contact  CW . 60 

Shark  Tank  . 62 


ONLINE 

WWW.C0MPUTERW0RLD.COM 


Complete  Microsoft  Coverage 

NEWS  RESOURCES:  For  additional  news  and 
analysis  of  Friday’s  Microsoft  remedy  ruling, 
head  to  our  special  coverage  page,  where 
you’ll  find  more  stories  about  the  judge’s 
decision  as  well  as  archives  of  our  past  cov¬ 
erage.  O  QuickLinka2660 


What  Do  You  Think? 

FORUMS:  Weigh  in  on  the  remedy  ruling,  and 
read  what  others  have  to  say  in  our  discus¬ 
sion  forum.  ©  QuickLink  a2650 


Wireless  Do’s  and  Don’ts 

KNOWLEDGE  CENTER  H0W-T0:  Online  editor 


at  large  Brian  Sullivan  writes  up  a  tips  list  for 
developing  wireless  applications.  It’s  based 
on  a  presentation  at  the  Enterprise  Wireless 
Forum  by  Meryl  Enerson  of  Enervision 
Media.  ©  QuickLink  34074 

Forgotten  Issue 

KNOWLEDGE  CENTER:  As  voters  go  to  the 
polls  this  week,  privacy  will  be  a  forgotten 
topic,  writes  columnist  Jay  Cline.  Why?  Be¬ 
cause  consumers  may  worry  about  it,  but 
they  aren’t  willing  to  go  to  a  lot  of  trouble  to 
do  something  about  it.  ©  QuickLink  a2670 

Web  Roundup 

KNOWLEDGE  CENTER:  Our  Development 
Center  WebLog  is  now  featuring  links  to  arti¬ 
cles  that  focus  on  Web  site  development. 
Read  “Ten  Easy  Ways  to  Break  Your  Web 
Page,”  and  “Web  Site  Redesign  Without  a 
Nervous  Breakdown.”  ©  QuickLink  k235G 


What’s  a  QuickLink? 

On  some  pages  in 
this  issue,  you'll  see 
a  QuickLink  code  pointing 
to  additional,  related  con¬ 
tent  on  our  Web  site.  Just 
enter  that  code  into  our 
QuickLink  box.  which 
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each  page  on  our  site. 
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Microsoft 


puter  &  Communications  In¬ 
dustry  Association  in  Wash¬ 
ington.  “It’s  a  shame;  it’s  a  loss 
for  innovation.  It’s  such  a  bad 
decision  that  it  leaves  good 
grounds  for  appeal.” 

Legal  experts  said  the  one¬ 
sided  decision  will  make  it 
difficult  for  an  appeal  to  suc¬ 
ceed.  “An  appeal  is  almost  a 
fruitless  effort,”  said  Hillard 
Sterling,  an  antitrust  attorney 
in  Chicago.  “Appellate  courts 
almost  uniformly  affirm  these 
types  of  remedy  decisions. 
This  decision  is  virtually  bul¬ 
letproof.” 

Microsoft  has  already  taken 
steps  to  comply  with  the  set¬ 
tlement,  giving  PC  makers 
more  flexibility  and  uniform 
terms,  and  application  devel¬ 
opers  broader  access  to  Win¬ 
dows  interfaces  and  protocols, 
said  analysts. 

“A  big  win  for  Microsoft, 
and  we  expect  very  few 
changes,”  said  Tom  Bittman, 
an  analyst  at  Gartner  Inc.  in 
Stamford,  Conn.  “They’ve  al¬ 
ready  adopted  a  lot  of  the  be¬ 
havioral  changes  internally. 

We  expect  to  see  very  few 
changes  from  this  ruling,  per 
se.  So  don’t  expect  something 
different  tomorrow  from 
Microsoft.  Those  changes 
have  already  been  made.” 

In  a  statement,  Microsoft 
called  the  settlement  “a  tough, 
but  fair,  compromise.”  It 
added  that  the  settlement  im¬ 
poses  significant  require¬ 
ments,  but  it  “enables  us  to 
continue  to  innovate  and  to 
create  products  that  address 
the  changing  needs  of  our 
customers.” 

Friday’s  ruling  calls  for  Mi¬ 
crosoft  to  form  a  compliance 
committee  that  includes  its 
board  members.  Paul  Neilson, 
CIO  at  Monster.com  in  May¬ 
nard,  Mass.,  questioned  the 
prudence  of  that  decision. 

“The  fox  is  watching  the 
chicken  coop,”  he  said.  “And 
we  know  that  this  fox  raids 
the  chicken  coop.”  > 


Maryfran  Johnson,  Carol  Sliwa 
and  Todd  R.  Weiss  contributed 
to  this  report. 


CIOs  Try  New  Ways  to 
Demonstrate  IT’s  Value 


Conference  attendees  say  IT  managers 
need  to  focus  on  more  than  savings 


BY  THOMAS  HOFFMAN 

NEW  YORK 

T  LEADERS  CAN  PROVE 
the  value  of  technology 
investments  to  senior 
management  by  shifting 
the  perception  that  IT  is  a  cost 
center  and  focusing  on  how  it 
can  help  companies  achieve 
top-line  revenue  growth,  said 
CIOs  at  a  conference  held 
here  last  week. 

One  good  way  to  do  that 
is  to  look  beyond  some  of  the 
more  obvious  areas  to  iden¬ 
tify  opportunities  for  deriving 
benefits  from  IT,  they  advised. 

That’s  what  fames  H.  Noble 
envisions  at  Philip  Morris  Co. 
Dissatisfied  with  the  standard 
approaches  to  running  an  IT 
organization,  Noble,  CIO  at  the 


New  York-based  consumer 
products  and  cigarette  com¬ 
pany,  convinced  senior  man¬ 
agement  and  business  unit 
leaders  to  create  a  shared  ser¬ 
vices  organization  that  gives 
profit-and-loss  responsibilities 
to  Philip  Morris’  IT  operations. 

CIOs  “are  all  tired  of  beg¬ 
ging  around  with  a  tin  cup” 
trying  to  get  business  man¬ 
agers  to  fund  IT  projects, 
Noble  said.  What  Philip  Mor¬ 
ris  is  doing  will  let  the  compa¬ 
ny’s  technology  managers  look 
beyond  merely  “squeezing 
costs  out  of  IT,”  he  explained, 
speaking  at  the  conference 
sponsored  by  the  Society  for 
Information  Management  in 
Chicago. 

For  example,  Noble’s  group 


Hidden 

Advantages 

Philip  Morris  CIO  James  H. 

Noble  said  his  company’s  new 
approach  to  IT  should  provide 
these  not-so-obvious  benefits; 

*  y  - 

A  subtle  centralization  of 
IT  operations 

‘  **-r  •yW 

Improved  technology 

standardization 

Increased  purchasing  power 

Better  identity  and 
branding  for  IT 

More  respect  for  IT  from 
business  managers 


is  setting  up  a  Web-based 
“store”  that  business  man¬ 
agers  could  use  to  shop  for  IT 
services  from  the  shared  ser¬ 
vices  operation.  Users  of  the 


Wireless  LAN  Vendor  Group 
Looks  to  Improve  Security 


New  specs  target 
WEP  shortcomings 

BY  BOB  BREWIN 

A  group  of  wireless  LAN  tech¬ 
nology  vendors  last  week  de¬ 
tailed  a  set  of  interim  specifi¬ 
cations  designed  to  beef  up 
security  through  the  use  of 
harder-to-break  encryption 
keys  and  an  industrywide  user 
authentication  plan. 

The  specifications,  called 
Wi-Fi  Protected  Access 
(WPA),  were  announced  by 
the  Mountain  View,  Calif.- 
based  Wi-Fi  Alliance  trade 
group.  The  move  is  the  culmi¬ 
nation  of  an  enhanced  wireless 
security  initiative  that  was 
started  earlier  this  year  by  a 
group  of  vendors,  including 
Microsoft  Corp.  and  Cisco  Sys¬ 
tems  Inc.  [QuickLink  33010], 

Dennis  Eaton,  the  Wi-Fi 
Alliance’s  chairman,  said  he 


expects  vendors  to  start 
rolling  out  products  featuring 
key  components  of  WPA  in 
February.  Among  the  compa¬ 
nies  that  announced  plans  to 
offer  WPA-compliant  prod¬ 
ucts  were  Cisco, 
Hewlett-Packard 
Co.  and  Proxim 
Corp.,  a  Sunnyvale, 

Calif. -based  maker 
of  wireless  LAN 
hardware  devices. 

The  specifica¬ 
tions  include  a 
built-in  mechanism  to  au¬ 
thenticate  the  identity  of 
wireless  LAN  users  based  on 
the  Extensible  Authentication 
Protocol. 

WPA  also  replaces  the  static 
encryption  keys  incorporated 
into  the  existing  Wired  Equiv¬ 
alent  Privacy  (WEP)  protocol 
with  harder-to-crack  dynamic 
keys  based  on  the  Temporal 
Key  Integrity  Protocol  (TKIP), 


the  alliance  said.  TKIP  is  part 
of  a  draft  802.11i  standard  that 
will  supersede  WPA  but  isn’t 
expected  to  be  approved  by 
the  Institute  of  Electrical  and 
Electronics  Engineers  Inc.’s 
standards  body  until  2004. 

John  Pescatore,  an  analyst 
at  Gartner  Inc.  in  Stamford, 
Conn.,  said  the  WPA  an¬ 
nouncement  marks  the  indus¬ 
trywide  accep¬ 
tance  of  the  Safe 
Secure  Networks 
project  launched 
by  Microsoft,  Cis¬ 
co  and  other  ven¬ 
dors.  That  effort 
first  came  to  light 
last  month. 

Pescatore  said  corporate  IT 
departments  with  hundreds 
or  thousands  of  wireless  LAN 
users  could  face  a  daunting 
task  if  they  have  to  upgrade 
the  client  software  on  mobile 
computers  to  add  WPA-com¬ 
pliant  capabilities.  But  upgrad¬ 
ing  wireless  LAN  access 
points  should  be  a  relatively 
easy  task  that  can  be  managed 
centrally,  he  said.  I 


NO  CHANGES 

The  WPA  specifications 
aren't  expected  to  do  much  to 
protect  users  of  public-access 
Wi-Fi  LANS: 

O  QuickLink  34073 
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I  Web  site  also  will  be  able  to 
compare  the  support  costs 
charged  by  the  internal  group 
with  IT  benchmarking  data 
supplied  by  Meta  Group  Inc. 
in  Stamford,  Conn. 

The  operating  model  adopt¬ 
ed  by  Philip  Morris  should 
make  it  possible  for  the  shared 
services  organization  to 
demonstrate  lower  costs  than 
vendors  that  are  saddled  with 
cost-of-sales  overhead,  Noble 
said.  It  has  also  helped  him 
“raise  the  agenda  of  the  CIO  to 
the  board  level”  so  he  can  de¬ 
bate  IT  investment  priorities 
with  other  executives,  he  said. 

Other  Approaches 

Shelley  Leibowitz,  managing 
director  and  CIO  at  Morgan 
Stanley  Dean  Witter  &  Co., 
has  taken  a  different  approach 
to  help  prove  the  value  of  IT 
to  top  executives  at  the  finan¬ 
cial  services  firm.  Leibowitz 
said  she’s  leveraging  co-sourc¬ 
ing  and  outsourcing  arrange¬ 
ments  to  save  money  and  fo¬ 
cus  on  core  competencies 
while  diversifying  the  IT  sup¬ 
port  provided  to  the  compa¬ 
ny’s  users. 

A  case  in  point:  New  York- 
based  Morgan  Stanley  strug¬ 
gled  in  the  past  with  quality 
assurance  and  systems  testing 
that  was  done  in-house,  said 
Leibowitz.  But  by  outsourcing 
those  functions  to  a  group  of 
vendors  on  a  project-by-proj- 
ect  basis,  Morgan  Stanley  has 
seen  the  quality  of  the  work 
“greatly  improve,”  she  added. 

New  York  University  CIO 
Marilyn  McMillan  said  the 
school’s  IT  department  has  set 
up  a  Web-based  educational 
portal  for  internal  users  in  a 
project  that  began  two  years 
ago.  Planned  IT  deliverables 
are  “set  on  a  schedule,  like  a 
vendor  product,”  she  said. 

That  approach  helped  Mc¬ 
Millan  earn  credibility  with 
senior  management  and  se¬ 
cure  funding  for  new  itera¬ 
tions  of  the  portal,  which  is 
now  on  Version  5.0.  McMillan 
said  she  recently  also  gained 
approval  for  an  additional 
“six-figure  investment”  that 
will  be  used  to  add  workflow 
capabilities  for  end  users  to 
access  administrative  applica¬ 
tions  through  the  portal.  I 
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Central  Application  Integration 
Teams  Expected  to  Proliferate 


But  political 
challenges  may 
await  IT  managers 


BY  CAROL  SLIWA 

CHICAGO 

A  growing  number  of  large 
corporations  are  finding  an 
effective,  sensible  means  of 
untangling  their  application 
integration  “spaghetti”  mess: 
creating  central  teams  to  do 
the  untangling. 

At  its  Application  Integra¬ 
tion  and  Web  Services  Confer¬ 
ence  here  last  week,  Gartner 
Inc.  said  it  expects 
more  than  25%  of 
large  enterprises  to 
forge  central  inte¬ 
gration  compe¬ 
tency  centers  dur¬ 
ing  the  next  three 
years,  in  addition 
to  the  25%  that  have  already 
done  so. 

But  companies  that  elect  to 
take  that  approach  to  lessen 
development  time  and  reduce 
redundant  technologies  may 


find  that  they  will  also  need 
some  time  to  smooth  out  the 
prickly  turf  battles  that  may 
emerge  as  they  try  to  shift  a 
responsibility  that  has  tradi¬ 
tionally  fallen  to  their  applica¬ 
tion  development  groups. 

“You’re  talking  about  chang¬ 
ing  the  IS  organization,  so 
you’re  creating  winners  and 
losers,”  said  Gartner  analyst 
Roy  Schulte.  “The  hardest 
thing  to  do  is  stop  thinking  of 
integration  as  part  of  a  partic¬ 
ular  project  and  start  thinking 
of  this  project  as  part  of  the 
enterprise  system  of  systems.” 

Ken  Dschankilic,  manager 
of  integration  ar¬ 
chitecture  at  Cana¬ 
dian  Tire  Corp. 
in  Toronto  and  a 
presenter  at  last 
week’s  conference, 
told  a  packed  audi¬ 
ence  that  the 
biggest  organizational  issue 
his  company’s  core  compe¬ 
tency  center  faced  was  edu¬ 
cating  senior  management 
and  the  application  teams 
about  “why  we  should  exist.” 


“The  mind-set  there  was  we 
were  intruding  on  application 
development,  as  opposed  to 
providing  value,”  he  said. 

But  the  integration  group 
has  been  gradually  building 
converts  since  its  first  project, 
which  involved  populating 
product  data  into  a  Manugis- 
tics  Inc.  application.  By  the 
time  the  second  project  rolled 
around,  Dschankilic  could  tell 
the  programmer  group  that 
half  the  required  development 
was  done,  thanks  to  his  cen¬ 
ter’s  prior  work. 

Yet  even  after  five  years 
in  existence,  the  core  compe¬ 
tency  center  still  encounters 
some  pockets  of  resistance. 
Dschankilic  said  one  applica¬ 
tion  team  that  “despises”  his 
group  and  its  technology  built 
a  point-to-point  interface  “un¬ 
der  the  covers.” 

So  Dschankilic  computed 
how  much  time  and  money 
had  been  spent  building  that 
interface,  since  his  group  al¬ 
ready  had  the  interface  in  its 
inventory.  Once  that  was  de¬ 
termined,  he  said,  “their  man¬ 


JUST  THE  FACTS 

Canadian  Tire’s  Core 
Competency  Center 

■  Maintains  all  integration 
documentation 

■  Performs  and  owns  detailed 
design  for  each  interface 

■  Constructs  middle  pieces  of 
the  interfaces 

■  Supports  what  it  builds 

■  Establishes  best  practices 

■  Performs  integration  broker 
marketplace  evaluations 

■  Does  MQ  administration 

agement  team  said,  ‘You  know, 
we’ve  got  a  problem  here.’  ” 

Now  Dschankilic’s  group 
gets  involved  in  the  system 
development  cycle  to  try  to  nip 
those  sorts  of  problems  in  the 
bud.  Dschankilic  also  sits  on 
a  recently  formed  technology 
review  committee,  along  with 
a  technical  architect  and  an 
application  architect,  to  over¬ 
see  new  application  projects. 

“The  application  team 
should  be  delivering  function¬ 
ality  to  their  end  users,  not 
worried  about  the  plumbing 
underneath,”  Dschankilic  said. 
He  advised  his  peers  to  tell 
their  application  development 


MORE  APP  DEV 

Go  online  to  read  more  about 
application  development: 

0  QuickLink  kllOO 
www.computerworld.com 


teams  that  integration  teams 
aren’t  “replacing  their  jobs,  but 
making  their  life  easier.” 

Schulte  said  Gartner  has 
been  recommending  for  at 
least  three  years  that  compa¬ 
nies  create  an  enterprise  inte¬ 
gration  competency  center. 

It  has  taken  six  years  for  about 
25%  of  large  enterprises  to  do 
so,  he  said. 

But  Schulte  expects  the 
pace  to  pick  up  considerably 
during  the  next  three  years, 
as  more  companies  purchase 
integration  brokers.  Gartner 
predicted  that  more  than  50% 
of  all  large  enterprises  —  com¬ 
panies  with  $1  billion  or  more 
in  revenue  —  will  have  an  in¬ 
tegration  competency  center 
by  the  end  of  2005. 

Derek  Gee,  a  vice  president 
at  Ameriquest  Mortgage  Co.  in 
Orange,  Calif.,  said  his  firm’s 
new  CIO  ordered  the  creation 
of  one  after  he  spotted  devel¬ 
opers  building  the  same  func¬ 
tionality  into  separate  applica¬ 
tions.  “Because  we’re  in  the 
beginning  stages  of  imple¬ 
menting  a  new  strategic  archi¬ 
tecture,  my  concern  is  that 
this  is  going  to  add  develop¬ 
ment  time,”  he  said.  “I  need  to 
sell  them  on  the  long-term 
benefits  of  what  this  architec¬ 
ture’s  going  to  give  them.”  ) 


BEA  Releases  Tool  for  Consolidated 


Developers  can 
view  data  from 
disparate  systems 


BY  CAROL  SLIWA 

BEA  Systems  Inc.  today  will 
ship  software  that  developers 
can  use  in  concert  with  its 
WebLogic  application  server 
to  gain  access  to  and  view  data 
from  disparate  systems  in  a 
consistent  manner. 

Once  connections  to  the 
systems  are  made,  the  new 
Liquid  Data  software  queries 
the  data  sources  and  automat¬ 
ically  converts  the  data  into 
an  XML  representation.  That 
in  turn  provides  developers 
with  a  unified,  reusable  view 
of  their  various  data  sources, 
said  Ajay  Patel,  vice  president 


and  general  manager  of  BEA 
Liquid  Data. 

Developers  can  then  repur¬ 
pose  the  data  for  use  in  other 
applications  —  especially 
those  that  need  up-to-date, 
consolidated  views  of  informa¬ 
tion,  such  as  customer  service 
applications  or  business-to- 
business  portals,  said  Pavey 
Purewal,  a  senior  product  mar¬ 
keting  manager  at  San  Jose- 
based  BEA. 

In  the  Abstract 

“Liquid  Data  creates  an 
abstraction  between  what  the 
application  needs  and  what 
the  actual  data  representation 
is.  Developers  just  use  the 
abstraction.  They  don’t  worry 
about  what  the  data  sources 
are  or  even  where  they  are. 
The  WebLogic  layer  takes  care 


of  that,”  said  John  Parkinson, 
chief  technologist  for  the 
America  region  at  New  York- 
based  Cap  Gemini  Ernst  & 
Young,  a  global  systems  inte¬ 
grator  that  will  be  co-market¬ 
ing  and  training  developers  to 


NEW  PRODUCT 


BEA’s  Liquid 
Data  for  WebLogic 

WHAT  IT  IS:  Software  that 
delivers  a  unified  view  of  dis¬ 
parate  enterprise  data 

WHEN  IT  SHIPS:  Today 

WHAT  IT  COSTS:  $25,000 
per  CPU 


WHAT  IT  WORKS  WITH: 

BEA  WebLogic  Platform  7.0; 
Server  7.0;  Integration  7.0; 
Portal  7.0 


Data  View 

use  BEA’s  new  product. 

Parkinson  said  large  organi¬ 
zations  have  struggled  for 
decades  “to  have  a  single, 
comprehensive  corporate  data 
model,  knowing  where  every¬ 
thing  is  and  having  everything 
consistently  defined.” 

“It  may  sound  easy,  but  it 
turns  out  to  be  very  hard,” 
Parkinson  said,  noting  that 
much  custom  coding  is  re¬ 
quired.  “You  explicitly  con¬ 
vert  data  in  one  format  to  data 
in  another  format  on  an  appli- 
cation-to-application  basis, 
which  is  extremely  expensive 
to  maintain.” 

Cap  Gemini  Ernst  &  Young 
hasn’t  worked  on  any  Liquid 
Data  projects  yet.  According 
to  Parkinson,  the  firm  is  see¬ 
ing  the  most  interest  from 
companies  that  need  to  pull 


together  data  for  customer 
service  applications  in  call 
centers  and  for  business  intel¬ 
ligence  purposes. 

“Liquid  Data  is  a  visionary 
product.  How  far  BEA  itself 
is  able  to  push  it,  we  will  see. 

It  depends  on  the  quality  of 
the  product,”  said  Yefim  Natis, 
an  analyst  at  Stamford,  Conn.- 
based  Gartner  Inc.  “But  the 
idea  of  the  ‘super  API,’  if  you 
like,  that  allows  a  common 
view  on  heterogeneous  data 
is  right  on. 

“People  don’t  want  to 
go  to  tables,  go  to  individual 
data  records.  What  they  want 
to  go  to  is  semantic  data,” 
Natis  added.  “They  want  to 
find  data  that  is  loosely  cou¬ 
pled  and  not  just  be  strictly 
locked  into  individual  data 
structures.” 

Liquid  Data  sells  for  $25,000 
per  CPU.  The  price  includes 
support  for  one  year.  S* 
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Guidelines  Aim  to  Secure 
Government’s  IT  Systems 

NIST  says  draft  recommendations  also 
apply  to  private  sector’s  security  woes 


BY  PATRICK  THIBODEAU 

WASHINGTON 

he  NATIONAL  Insti¬ 
tute  of  Standards 
and  Technology 
(NIST)  last  week  re¬ 
leased  the  first  set  of  draft  in¬ 
formation  security  guidelines 
intended  to  fix  “inconsistent 
and  flawed”  IT  security  as¬ 
sessments  by  federal  agencies. 
Those  guidelines  stand  to  ben¬ 
efit  private  companies  as  well. 


Internet  body  enacts 
reforms  to  ease  rifts 
among  its  members 

BY  TODD  R.  WEISS 

Reform  is  coming  to  the  In¬ 
ternet  Corporation  for  As¬ 
signed  Names  and  Numbers 
(ICANN),  the  nonprofit  group 
that  runs  the  Internet’s  Do¬ 
main  Name  System. 

After  four  days  of  meetings 
in  Shanghai  last  week,  the 
Marina  Del  Rey,  Calif.-based 
group’s  board  of  directors  ap¬ 
proved  a  wide-ranging  set  of 
bylaw  changes.  The  reforms 
are  aimed  at  addressing  issues 
that  have  caused  rifts  among 
ICANN’s  members  about  the 
way  the  organization  watches 
over  the  Internet. 

Among  the  changes  ap¬ 
proved  were  a  reduction  in 
the  number  of  board  members 
from  18  to  15  and  the  creation 
of  an  ombudsman’s  office.  The 
group  will  also  establish  the 
Country-Code  Names  Sup¬ 
porting  Organization  (CNSO) 
and  dissolve  the  Protocol  Sup¬ 
porting  Organization,  replac¬ 
ing  it  with  a  Technical  Adviso¬ 
ry  Committee  (TAC).  ICANN 


The  goal  of  the  guidelines 
is  to  improve  frequently  faulted 
federal  IT  security  by  map¬ 
ping  out  a  best-practices  ap¬ 
proach  to  securing  informa¬ 
tion  systems.  Several  security 
experts  who  have  reviewed  the 
guidelines  said  that  although 
they  use  terminology  and 
refer  to  processes  that  may 
be  unique  to  the  federal  gov¬ 
ernment,  they  are  nonethe¬ 
less  useful  to  the  private  sector. 


also  decided  to  change  the 
name  of  the  Domain  Name 
Supporting  Organization, 
which  will  now  be  known  as 
the  Generic  Name  Supporting 
Organization  (GNSO). 

M.  Stuart  Lynn,  ICANN’s 
president  and  CEO,  said  the 
meetings  were  “a  major  step 
forward  on  the  reform  trail” 
and  will  help  the  nonprofit 
group  as  it  strives  to  be  more 
responsive  to  complaints  and 
criticisms  from  its  members. 

New  Structure 

The  new  ICANN  structure 
will  include  three  supporting 
organizations  —  the  GNSO, 
the  CNSO  and  the  Addressing 
Supporting  Organization  — 
with  four  standing  advisory 
committees  of  the  board:  the 
Governmental  Advisory  Com¬ 
mittee,  the  TAC,  the  DNS  Root 
Server  System  Advisory  Com¬ 
mittee  and  the  Security  Advi¬ 
sory  Committee. 

Some  proposed  reforms  and 
amendments  didn’t  make  it 
into  the  final  package,  Lynn 
said.  ICANN  held  a  public 
forum  Oct.  30,  during  which 
members  and  others  could 
give  their  views  on  the  pro- 


Many  private  companies 
“are  kind  of  haphazardly  going 
along  in  securing  their  sys¬ 
tems,  and  they  are  not  apply¬ 
ing  any  kind  of  guideline  or 
standard,”  said  Lou  Abreu, 
manager  of  leveraged  security 
services  at  Computer  Sciences 
Corp.  in  El  Segundo,  Calif. 
Abreu  said  he  “firmly  be¬ 
lieves”  that  the  NIST  guide¬ 
lines  will  help  private  com¬ 
panies  improve  the  way  they 
approach  security. 

The  guidelines  appear  to 
combine  federal  and  industry 
best  practices.  The  effort  pulls 


posed  changes.  After  hearing 
those  comments,  ICANN  made 
additional  changes  to  reflect 
the  suggestions,  he  said. 

Among  them:  Reversal  of  a 
recommendation  that  would 
have  stopped  ICANN  mem¬ 
bers  from  being  able  to  vote 
multiple  times  on  issues,  de¬ 
pending  on  what  membership 
subgroups  they  represent.  Un¬ 
der  existing  rules,  members 
get  two  votes  on  an  issue  if, 
for  example,  they  are  both 
an  Internet  service  provider 
and  a  top-level  domain  (TLD) 
registry.  Critics  opposed  a 
plan  to  limit  each  member  to 
one  vote,  and  the  proposal  was 


Changes  for  ICANN 


Reforms  include: 

REDUCING  the  size  of  the  board 
from  18  to  15  members. 

ATING  an  ombudsman’s 
office. 

ESTABLISHING  a  Country-Code 
Names  Supporting  Organization. 

REPLACING  the  Protocol  Sup¬ 
porting  Organization  with  a  Tech¬ 
nical  Advisory  Committee. 


together  “information  that  has 
been  scattered  all  over  the 
place,”  said  David  Black,  a 
computer  security  expert  at 
Hamilton,  Bermuda-based 
Accenture  Ltd. 

Charles  R.  Hudson  Jr.,  an 
infrastructure  security  manag¬ 
er  and  senior  security  officer  at 
Wilmington  Trust  Co.  in  Dela¬ 
ware,  said  the  NIST  guidelines 
could  ultimately  become  man¬ 
dates  for  regulated  industries, 
such  as  financial  institutions. 

The  private  sector  has  prac¬ 
tices  comparable  to  those  men¬ 
tioned  in  the  federal  guide¬ 
lines.  For  instance,  rather  than 
calling  the  final  approval  of  a 
security  assessment  a  “certifi¬ 
cation,”  a  business  might  call 
it  a  “business  assurance  let¬ 
ter.”  In  either  case,  it  attests  to 
upper  management  that  sys- 


dropped,  Lynn  said. 

With  the  bylaws  and 
changes  approved,  ICANN 
plans  to  meet  again  in  Decem¬ 
ber  in  Amsterdam  to  put  in 
place  a  transition  plan,  he  said. 

Also  raised  at  the  meetings 
was  the  possibility  that  some 
TLD  holders  may  try  to  chal¬ 
lenge  ICANN  next  year  for 
some  of  its  administrative 
power  [QuickLink  34005]. 

Some  of  those  TLD  holders 
said  they  may  want  to  try  to 
take  over  some  of  the  admin¬ 
istrative  work  now  done  by 
ICANN  under  a  contract  with 
the  U.S.  Department  of  Com¬ 
merce.  The  so-called  Internet 
Assigned  Numbers  Authority 
(IANA)  maintains  administra¬ 
tive  contacts  for  the  Internet, 
updates  name  servers  and 
completes  other  administra¬ 
tive  tasks.  At  the  ICANN 
meetings,  some  TLD  holders 
said  they’re  thinking  of  mak¬ 
ing  their  own  bid  for  the  next 
IANA  contract,  which  expires 
in  March. 

Lynn  said  the  issue  is  evi¬ 
dence  that  “relations  with  the 
[TLD  holders]  always  have 
their  ups  and  downs.” 

However,  while  some  TLD 
holders  were  looking  into  such 
a  possibility,  not  all  feel  that 
way,  he  said.  “It  depends  on 
who  you  want  to  believe,”  Lynn 
said.  “We’re  going  to  move 
forward  in  a  positive  way.”  I 


NIST  Gist 

SECTION  1  concerns  certifica¬ 
tion  and  accreditation. 

SECTION  2  looks  at  system 
controls. 

SECTION  3  examines  verifica¬ 
tion  procedures  and  techniques 
tied  to  each  of  the  controls. 

- 

WHERE:  www.csrc.nist.gov/ 
sec-ceri 

COMPLETION  DATE:  Sometime 
next  spring.  In  the  meantime, 

NIST  is  seeking  feedback  from  IT 
professionals. 

terns  meet  a  certain  level  of 
security,  said  Black. 

The  lack  of  a  standard 


security  approach  at  federal 
agencies  has  produced  nu¬ 
merous  security  certification 
processes  that  are  complex, 
outdated  and  costly.  And  it  has 
resulted  in  assessments  that 
“are  often  inconsistent,  flawed 
and  not  repeatable  with  any 
degree  of  confidence,”  the 
NIST  report  stated. 

Ron  Ross,  a  NIST  security 
expert  who  co-authored  the 
guidelines,  said  a  standardized 
process  “allows  federal  agen¬ 
cies  to  better  understand  how 
their  partners  are  dealing  with 
the  security  issues.” 

“If  you  don’t  have  a  standard 
process  or  standard  controls 
as  the  basis  of  that  under¬ 
standing,  you’re  all  working 
off  different  sheets  of  music,” 
he  said. 

Gaithersburg,  Md.-based 
NIST  is  seeking  comment  on 
the  draft  from  anyone  with  an 
interest  in  corporate  security. 

One  reason  the  government 
would  like  to  hear  from  the 
private  sector:  “The  federal 
government  is  more  or  less  a 
microcosm,”  said  Ross,  ex¬ 
plaining  that  the  government 
faces  many  of  the  same  chal¬ 
lenges  that  the  private  sector 
does  in  disciplines  such  as  lo¬ 
gistics,  medicine  and  finance. 
“We’re  all  using  the  same  ba¬ 
sic  information  technology.”  I 


STOP  THE  STOVEPIPING 

The  federal  government  is  trying  to  get 
its  agencies  to  adopt  open  standards: 

QuickLink  34077 
www.computerworld.com 


ICANN  Wraps  Up  Shanghai 
Meetings  With  Bylaw  Changes 


Get  the  Price/Performance  Advantage 

With  Oracle,  Dell  and  Red  Hat 


“Those  running  Oracle,  Dell,  and 
Red  Hat  Linux  have  a  price/performance 
advantage.  Users  can  buy  four  4-way 
Dell  servers  running  Oracle  and  Linux 
with  exceptional  performance  for  less 
than  a  12  or  16 -way  proprietary  SMP 
system  at  a  hefty  savings.” 


Aberdeen  Group 


June  2002 


D^LL  m  redhat. 


Learn  more  about  an  Oracle 
certified  configuration  for 
Dell  with  Red  Hat  Linux 
Advanced  Server. 


oracle.com/linux/dell 

1.800.633.0567 
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HP  to  Lay  Out  Its 
On-Demand  Plans 

Hewlett-Packard  Co.  this  month 
plans  to  announce  a  road  map 
for  integrating  its  OpenView  net¬ 
work  management  software  with 
its  Utility  Data  Center  technology 
for  on-demand  computing.  Nora 
Denzel,  senior  vice  president  of 
HP’s  software  business  unit,  said 
new  products  that  fit  into  the 
company’s  emerging  on-demand 
strategy  will  be  rolled  out  over 
the  next  few  years. 


EDS  Plans  to  Cut 
Up  to  5,500  Jobs 

Electronic  Data  Systems  Corp. 
reported  weak  third-quarter  re¬ 
sults  and  said  it  plans  to  cut  its 
138,000-employee  workforce  by 
up  to  4%  over  the  next  few 
quarters.  As  many  as  5,500 
workers  could  be  let  go,  EDS  in¬ 
dicated.  The  Plano,  Texas-based 
company  said  it  also  plans  to 
shift  at  least  1,500  application 
development  and  client  call  cen¬ 
ter  jobs  to  lower-cost  “solutions 
centers”  next  year. 


EMC,  Dell  Launch 
CX200  Disk  Array 

EMC  Corp.  and  Dell  Computer 
Corp.  jointly  announced  an  en¬ 
try-level  model  of  EMC’s  Clariion 
disk  array  line  that  Dell  will  man¬ 
ufacture  at  plants  in  Texas,  Ire¬ 
land  and  Malaysia.  Dell  has  been 
reselling  the  Clariion  arrays  for 
the  past  year,  but  the  new 
CX200  is  the  first  device  it  will 
produce.  EMC  will  also  make  the 
entry-level  array,  which  has  a 
storage  capacity  of  up  to  2.2TB. 


Short  Takes 

St.  Louis-based  Emerson  Electric 
Co.  said  it  plans  to  standardize 
its  60-plus  divisions  on  ORACLE 
CORP.’s  E-Business  Suite  appli¬ 
cations - SUN  MICROSYS¬ 

TEMS  iNC.  announced  upgrades 
of  its  software  for  rehosting 
mainframe  applications  on  its 
Unix  servers. 


MARK  HALL  ■  ON  THE  MARK 

Ariba,  Closedloop  Apps 
Force  Companies  to . . . 

. . .  change  their  organizational  behavior,  but  neither  vendor  has 
sought  input  about  their  products  from  gurus  in  the  field.  Doug  Bar¬ 
ton,  vice  president  of  marketing  at  Redwood  City,  Calif.-based  Closed- 
loop  Solutions  Inc.,  says  his  company  preferred  to  employ  the  “defin¬ 
ing  moment”  approach  (informal  chats  with  users)  to  research  how  to 
best  prod  workers  to  alter  their  sloppy  financial-planning  habits. 


And  Martin  Boyd,  director  of  product 
marketing  at  Ariba  Inc.  in  Sunnyvale, 
Calif.,  acknowledges  that  his  company 
also  skipped  chatting  with  behavioral 
experts  about  its  procurement  manage¬ 
ment  product,  despite  admitting  that 
what  it  attempts  to  solve  is  “an  organiza¬ 
tional  problem,  not  a  price  problem.” 

Nonetheless,  both  companies  next 
week  will  press  forward  with  major  up¬ 
grades  to  their  core  product  lines.  Ariba’s 
Analysis,  Buyer,  Content  and  Sourcing 
products  will  see  significant  improve¬ 
ments,  primarily  through  tighter  integra¬ 
tion.  And  Closedloop’s  Exchange, 
Reporting  and  Analysis, 

SpendCap  Manager  and 
TopLine  Manager  programs 
will  all  be  revamped  in  big 
ways.  Plan  for  the  turmoil  to 
commence  in  December, 
when  both  companies’  up¬ 
grades  go  gold.  ■  Zach  Nelson 
scoffs  at  a  recent  comment 
made  here  [QuickLink  33689] 
by  CEO  Marc  Benioff  that 
Salesforce.com  will  have  its 
accounting  package  ready 
soon.  “It’ll  take  four  years, 


minimum,”  counters  Nelson,  president  of 
San  Mateo,  Calif.-based  competitor  Net- 
Ledger  Inc.  “He’s  welcome  to  our  swamp, 
but  we’re  the  biggest  alligator  in  it.”  That 
swamp  is  the  subscription-based  online 
integrated  accounting  and  CRM  software 
market.  Both  Nelson  and  Benioff  are 
used  to  carnivorous  reptiles,  being  exec¬ 
utive  refugees  from  Oracle  Corp.  Al¬ 
though  Oracle  may  compete  with  both 
companies  on  occasion  for  midsize  com¬ 
panies’  business,  CEO  Larry  Ellison  is  hedg¬ 
ing  his  bets  three  ways,  you  might  say,  since 
he’s  personally  been  an  initial  investor  in 
both  NetLedger  and  Salesforce.com. 

■  Will  Java  jockeys  jump  joyfully 
with  tomorrow’s  release  of 
Borland  JBuilder  8  and  Opti- 
mizeit  Suite  5?  Probably,  since 
Scotts  Valley,  Calif. -based 
Borland  Software  Corp.’s 
JBuilder  is  a  hugely  popular 
development  tool.  But  much 
of  the  celebrating  will  be 
about  the  new  Automatic 
Memory  Leak  Detector  in 
Optimizeit.  Memory  leaks  are 
the  bane  of  performance- 
minded  Java  programmers. 


■  By  the  end  of  Q4,  COM  middleware  gets 

the  boot  in  favor  of  .Net  when  OpenNet- 
work  Technologies  Inc.  in  Clearwater, 
Fla.,  releases  DirectorySmart  4.8.1,  its 
network  directory  and  security  manage¬ 
ment  software.  The  upgrade  will  also  im¬ 
prove  centralized  control  of  provisioning 
systems  on  the  network.  ■  As  if  they  aren’t 
cocky  already,  your  company’s  marketing 
people  will  be  able  to  bypass  IT  to  create 
their  own  custom  Web  analytic  reports 
that  can  slice,  dice  and  presumably  splice 
together  e-commerce  buyers.  They  can 
do  that  using  Bellevue,  Wash.-based  digi- 
Mine  Inc.’s  Customer  Segment  Manager, 
which  works  with  the  company’s  online 
data  warehouse.  Available  today  at  $5k 
per  month,  it’s  probably  worth  it  to  keep 
the  flash-and-dash  crowd  out  of  your 
hair.  ■  Who  cares  about  real-time  operat¬ 
ing  systems  (RTOS)?  You  do.  Or  should. 
RT0S  devices  are  working  their  way  up  the 
tech  food  chain  into  IT’s  domain,  says  Paul 
Zorfass,  an  analyst  at  IDC/First  Technol¬ 
ogy  Inc.  in  Framingham,  Mass.  That’s 
why  this  week’s  announcement  by  Wind 
River  Systems  Inc.  in  Alameda,  Calif.,  the 
$350  million  “head  and  shoulders  market 
leader,”  might  catch  your  eye.  Wind  Riv¬ 
er  is  releasing  four  RTOS  packages  tar¬ 
geting  vertical  technologies,  two  of  keen 
interest  to  IT:  network  equipment  and 
server  appliances.  According  to  Wind 
River  Chairman  and  co-founder  Jerry 
Fiddler,  while  OEMs  will  do  the  bulk  of 
programming  for  these  systems,  the  inte¬ 
grated  development  environment  that 
comes  with  the  products  means  IT  will 
end  up  customizing  them  as  well.  Zorfass 
agrees,  adding  that  Microsoft  Corp.  is 
working  its  way  “rather  successfully” 
down  the  tech  food  chain  with  Windows 
CE  in  order  to  extend  Windows  apps  into 
the  RTOS  world.  One  wonders  how  the 
blue  screen  of  death  will  look  in  real  time.  I 


Hot  Stuff 


Net  performance 
and  security  tester 
FlameThrower  II 
Release  5  gets  a  mid 
month  release  from 
Antara.net  LLC. 

Merant's  Web  con¬ 
tent  management 
software  Merant  Col¬ 
lage  3.1  ships  today. 


Security  Gains  Sought  for  Net  Protocols 


Cybersecurity  czar 
calls  for  funding 

BY  MATT  HAMBLEN 

National  cybersecurity  chief 
Richard  Clarke  last  week 
called  for  the  addition  of  a 
“few  million”  dollars  in  annual 
federal  funding  for  indepen¬ 
dent  research  aimed  at  im¬ 
proving  the  security  and  relia¬ 
bility  of  Internet  protocols. 

In  a  conference  call,  Clarke 
said  he  has  talked  with  mem¬ 
bers  of  the  Internet  Engineer¬ 
ing  Task  Force  about  the  idea 


of  creating  a  test  bed  that 
would  simulate  a  large  Inter¬ 
netlike  system. 

The  test  bed  could  be  used 
to  try  out  new  protocols  and 
routing  designs  for  the  Do¬ 
main  Name  System  (DNS)  and 
the  Border  Gateway  Protocol 
(BGP),  which  is  used  in  mil¬ 
lions  of  core  routers  around 
the  world. 

“Systems  like  DNS  and  BGP 
could  be  the  source  of  inten¬ 
tional  or  malicious  acts,  or  the 
source  of  instability  that  could 
flop  the  Internet,”  Clarke  said. 
“Frankly,  we  see  a  lot  of  BGP 


flopping  all  the  time.”  That,  he 
added,  “creates  minor  pockets 
of  instability  in  the  Internet.” 

Clarke  said  BGP  can  be¬ 
come  unstable  when  human 
errors  in  the  protocol’s  routing 
tables,  which  are  akin  to  mas¬ 
sive  phone  books,  are  sent 
back  and  forth  by  routers.  BGP 
is  also  vulnerable  to  attack  be¬ 
cause  it  doesn’t  use  authenti¬ 
cation  or  encryption,  he  said. 

Packet  Design  LLC,  a  Palo 
Alto,  Calif.-based  start-up,  to¬ 
day  plans  to  announce  soft¬ 
ware  designed  to  enhance  the 
performance  of  BGP.  The  tech¬ 


nology,  called  BGP  Scalable 
Transport  (BST),  uses  a  “flood¬ 
ing”  approach  in  which  a  mes¬ 
sage  is  sent  to  a  neighboring 
router  and  then  passed  from 
that  device  to  another  router, 
and  so  on.  The  BST  software  is 
being  marketed  to  router  ven¬ 
dors,  said  Packet  Design  CEO 
Judy  Estrin.  The  software  is 
due  for  release  next  month. 
Pricing  starts  at  $100,000. 

John  McConnell,  an  analyst 
at  McConnell  Associates  in 
Boulder,  Colo.,  described  BST 
as  “very  promising  technolo¬ 
gy.”  But,  he  added,  “you  need 
widespread  adoption  by  the 
service  providers  for  it  to 
make  a  difference.”  I 


Setting  the  Standard 

for  High-end  Categorization, 

Retrieval  and  Information  Systems 


Automatically  Powering  the  Information  behind: 

Portals,  Enterprise  Search,  CRM,  Expertise  Management  and  OEM 


Since  its  beginnings  in  1996,  Autonomy  has  risen  to  the  number  one  slot,  leading 
the  market  for  advanced  categorization,  retrieval  and  expertise  management. 
Autonomy's  open  philosophy,  combining  its  award  winning  advanced  automation 
techniques  with  full  legacy  manual  operations,  gives  customers  the  winning  choice. 

Perhaps  that's  why  Autonomy  is  the  standard  for  more  and  more  of  the 
world's  leading  companies. 

Whether  Autonomy  is  keeping  your  portal  updated  with  relevant  information  from  across 
the  enterprise,  or  allowing  your  CRM  system  to  understand  what  your  customers  are 
actually  telling  you  in  those  emails  and  phonecalls,  Autonomy  is  behind  the  most 
demonstrable  ROI  -  all  built  on  bringing  the  benefits  of  automation  to  your  business. 


*Leader  in  software  licence  revenues  for  high-end  categorization,  advanced  retrieval  and  expertise 
management,  per  information  set  forth  in  U.S.  SEC  filings  and  company  conference  calls. 


At  the  same  time,  Autonomy's  abilities  are  being  harnessed  by  the  world's  leading 
software  companies  to  add  Autonomy  intelligence  to  their  world-class  products. 

Leading  software  companies  across  all  areas  have  chosen  the  next  generation 
over  the  legacy. 

And  we’ve  only  just  begun.  Contact  Autonomy  to  find  out  more  about  our  latest 
technologies  for  telephone  searching  and  categorization,  automatic  clustering,  video 
searching,  parametric  search  and  fully  dynamic  taxonomies. 

Contact  Autonomy  and  speak  with  the  market  leader. 

Tel:  1-877-MYAUTONOMY  or  visit  www.autonomy.com/marketleader 
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Oracle  Tries  to  Smooth  Rocky 
Relations  With  User  Group 

OAUG  president  points  to  improved 
support,  but  some  users  aren’t  satisfied 


BY  MARC  L.  SONGINI 

RACLE  CORP.  last 
week  showed  a 
beefed-up  presence 
at  the  fall  confer¬ 
ence  of  its  independent  appli¬ 
cations  user  group,  signalling 
that  a  well-publicized  rift  be¬ 
tween  the  vendor  and  the 
group  is  continuing  to  mend. 

Oracle  and  the  Atlanta- 
based  Oracle  Applications 
Users  Group  (OAUG)  have 
been  feuding  off  and  on  dur¬ 
ing  the  past  two  years  over 
how  much  support  the  compa¬ 
ny  should  provide  for  the  two 
conferences  that  the  user 
group  sponsors  each  year  (see 
box).  But  Oracle  sent  several 
executives  to  last  week’s  event 
in  San  Diego  and  ran  numer¬ 
ous  technical  sessions. 

“The  relationship  is  becom¬ 
ing  solid  again,”  said  Tom  Wy¬ 
att,  the  OAUG’s  president.  “We 
are  really  seeing  them  deliver. 
Their  participation  in  the  con¬ 
ferences  has  picked  up.” 

Wyatt,  who  is  director  of 
Oracle  systems  at  Sitel  Corp., 
a  customer  service  outsourc¬ 
ing  company  in  Baltimore, 
said  Oracle  is  also  improving 
the  way  it  develops  and  sup¬ 
ports  its  business  applications. 
That’s  in  keeping  with  promis¬ 
es  made  by  Oracle  officials  at 
the  OAUG’s  spring  conference 
in  May  [QuickLink  30039], 

Solving  Problems 

Oracle’s  support  staff  is  taking 
a  “more  rounded  approach” 
and  working  to  analyze  the 
root  causes  of  technical  prob¬ 
lems,  Wyatt  said.  Sitel  runs 
Oracle’s  E-Business  Suite  11.03 
release  and  is  currently  testing 
the  lli  version  of  the  applica¬ 
tions  for  a  planned  spring  up¬ 
grade,  he  added. 

Analysts  said  Oracle  has 
made  strides  during  the  past 
year  to  ease  the  process  of  mi¬ 


grating  to  lli,  through  steps 
such  as  automating  its  internal 
testing  of  the  applications  and 
creating  upgrade  templates  to 
streamline  work  for  users. 

“These  customer-centric 
initiatives  are  coming  from  the 
very  top  of  the  Oracle  execu¬ 
tive  ranks,  and  this  will  cer¬ 
tainly  have  a  positive  impact 
on  Oracle’s  ability  to  support 
its  customer  base,”  said  Tom 
Sweeny,  research  director  at 
the  Service  &  Support  Profes¬ 
sionals  Association,  a  San 
Diego-based  industry  group. 


BY  LUCAS  MEARIAN 

ORLANDO 

Early  this  year,  mortgage 
lender  Fannie  Mae  went  live 
with  a  new  primary  data  cen¬ 
ter  and  storage-area  network 
(SAN)  to  address  its  sprawling 
storage  needs.  Now  1,150  of 
the  company’s  1,400  servers 
are  attached  to  the  SAN, 
which  backs  up  80TB  of  data 
weekly. 

But  Brian  Cobb,  vice  presi¬ 
dent  of  systems  engineering  at 
Washington-based  Fannie 
Mae,  last  week  said  he  has  yet 
to  see  a  storage  management 
platform  that  can  handle  his 
entire  multivendor  infrastruc¬ 
ture.  Nor  has  he  found  virtual¬ 
ization  software  that  can  pool 
all  of  his  storage  resources  and 
serve  them  up  in  a  utilitylike 
fashion  to  end  users. 

“We  need  to  have  improved 
interoperability  and  manage- 


But  not  everyone  is  fully 
satisfied.  Pat  Dues,  a  project 
officer  for  the  Las  Vegas  city 
manager’s  office  and  chairman 
of  the  OAUG’s  customer  sup¬ 
port  council,  said  Oracle  still 
lacks  a  structured  process  that 
IT  managers  can  use  to  re¬ 
quest,  prioritize  and  track 
software  enhancements.  The 
OAUG  is  trying  to  get  a  com¬ 
mitment  for  such  a  process 
from  the  company  but  hasn’t 
had  success  yet,  Dues  said. 

Melanie  Bock,  a  San  Fran- 
cisco-based  Oracle  consultant 
and  a  past  president  of  the 
OAUG,  said  that  the  sets  of 
software  patches  being  re¬ 
leased  by  the  company  also 


ment  tools,”  Cobb  said,  echo¬ 
ing  a  common  refrain  that  was 
heard  at  the  Storage  Network¬ 
ing  World  conference  here  last 
week.  The  event,  which  drew 
about  2,150  attendees,  was  co¬ 
sponsored  by  Computers orld 
and  the  Mountain  View,  Calif.- 
based  Storage  Networking  In¬ 
dustry  Association 
(SNIA). 

Almost  every  IT 
executive  who 
spoke  about  rolling 
out  a  SAN  during 
the  past  three 
years  said  there 
has  been  a  significant  return 
on  investment  associated  with 
the  project.  Users  cited  bene¬ 
fits  such  as  simplified  storage 
management  and  the  ability  to 
consolidate  IT  resources. 

But  some  attendees  said 
there  are  downsides  to  multi¬ 
vendor  storage  installations. 


remain  a  source  of  aggravation 
for  some  users. 

“Oracle  is  reluctant  to  pro¬ 
vide  one-off  patches  for  indi¬ 
vidual  lli  bugs,  of  which  there 
still  are  plenty,”  Bock  said.  But 
installing  a  full  patch  set  may 
require  wider  software  up¬ 
grades,  she  said.  And  drilling 
into  Oracle’s  Web  site  for  in¬ 
formation  on  patch  sets  can  be 
a  “nightmare,”  Bock  added. 

Dues  said  the  groups  of 
patches,  called  minipacks  by 
Oracle,  should  reduce  testing 
and  installation  times  for 
users.  “But  the  problem  with 
this  is  having  to  apply  a  full 
set  of  patches  when  only  a  mi¬ 
nor  one  is  needed,”  she  said.  N 


For  example,  Garrett 
Grainger,  CIO  at  pencil  and 
marker  manufacturer  Dixon 
Ticonderoga  Co.  in  Heathrow, 
Fla.,  said  during  a  panel  dis¬ 
cussion  that  data  availability 

—  specifically,  “being  able  to 
recover  when  we  have  issues” 

—  is  his  biggest  concern.  He 
said  he’s  trying  to  switch  to  a 
single-vendor  infrastructure 
in  order  to  simplify  that  task. 

Previously,  Dixon  Ticon¬ 
deroga  had  a  large 
mix  of  devices  in 
its  storage  environ¬ 
ment.  But  Grainger 
said  that  when  IT 
problems  prompt¬ 
ed  the  company’s 
vendors  to  engage 
in  a  round  of  finger-pointing, 
he  had  to  hire  a  mediator  to 
sort  out  the  difficulties. 

Storage  vendors  are  taking 
steps  to  ease  the  complexity  of 
managing  mixed  SANs.  At  last 
week’s  conference,  a  group  of 
about  20  vendors  demonstrat¬ 
ed  a  multivendor  storage  net- 


IT  Managers  Give  SANs 
A  Qualified  Thumbs-Up 

Conference  attendees  cite  ROI,  but 
storage  management  remains  an  issue 


TECHNOLOGY  TIME 

IBM,  Sun  Microsystems  and 
other  vendors  announced 
new  products  at  Storage 
Networking  World: 

©  QuickLink  34096 
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Frayed  Ties 

APRIL  2000 

The  OAUG  says  no  to  a  proposal 
to  fold  its  conference  into 
Oracle’s  AppsWorid  event. 

OCTOBER  2000 
OAUG  members  are  miffed  by 
Oracle’s  diminished  presence 
at  the  group’s  fall  conference. 

JUNE  2001 

New  talks  between  Oracle 
and  the  OAUG  bog  down  over 
conference  sponsorship. 

OCTOBER  2001 
Oracle  agrees  to  an  OAUG  re¬ 
quest  to  extend  support  for  its 
10.7  applications. 

DECEMBER  2001 

The  two  sides  agree  to  take  part 

in  each  other’s  conferences. 

OCTOBER  2002 
Oracle  sponsors  20  presenta¬ 
tions  at  the  OAUG’s  conference, 
sends  three  executives. 


work  that  was  managed 
through  a  single  interface 
based  on  specifications  that 
are  being  developed  by  the 
SNIA  [QuickLink  33924]. 

Products  that  support  the 
specifications  are  expected  to 
appear  next  year.  But  some 
conference  attendees  said  they 
don’t  want  to  hear  promises 
vendors  won’t  be  able  to  keep. 

“Don’t  come  in  here  and  tell 
me  you  can  do  something  and 
not  be  able  to  demonstrate  it 
to  my  team,”  said  Rick  Peter¬ 
son,  vice  president  of  IT  oper¬ 
ations  and  production  services 
at  DirecTV  Inc.,  a  satellite  TV 
company  in  El  Segundo,  Calif. 

Despite  that  warning,  Peter¬ 
son  said  he’s  confident  that  a 
pair  of  redundant  multivendor 
SANs  DirecTV  began  using  in 
September  will  pay  off.  He  de¬ 
clined  to  comment  on  the  cost 
of  the  project  but  said  he  ex¬ 
pects  the  SANs  to  produce  an 
ROI  within  20  months. 

Peterson  said  he  mitigated 
the  risks  of  the  SAN  installa¬ 
tion  by  doing  intensive  testing 
and  collaboration  with  Direc¬ 
TV’s  vendors,  which  include 
Hewlett-Packard  Co.,  Hous¬ 
ton-based  BMC  Software  Inc. 
and  Waltham,  Mass.-based 
StorageNetworks  Inc.  I 
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Hacking  Syndicates 
Threaten  Banking 


BRIEFS 

-r v.. 


Microsoft  Warns  of 
Flaw  in  Win  XP,  2k 

Microsoft  Corp.  warned  that  an 
unchecked-buffer  flaw  in  virtual 
private  networking  code  that’s 
natively  supported  by  Windows 
XP  and  Windows  2000  could 
leave  systems  vulnerable  to 
denial-of-service  attacks.  The 
company  gave  the  vulnerability 
its  highest  severity  rating  and 
urged  IT  managers  who  provide 
services  based  on  the  Point-to- 
Point  Tunneling  Protocol  to 
install  a  new  software  patch. 


IBM  Offers  Tech 
Financing  Deals 

IBM  announced  a  series  of  IT 
financing  offers,  including  a  90- 
day  deferral  of  payments,  in  a 
bid  to  spur  purchases  of  its  sys¬ 
tems  and  software.  The  “triple 
zero”  deferral  offer  would  let 
qualified  users  put  off  any  down 
payments,  principal  charges  and 
interest  costs  on  orders  placed 
by  Dec.  31,  IBM  said.  The  compa¬ 
ny  is  also  offering  financing  rates 
as  low  as  4.2%  on  hardware 
products  and  3.1%  on  software. 


Unisys  Adds  Line  of 
Packaged  Servers 

Unisys  Corp.  announced  a 
series  of  preconfigured  database 
servers  that  combine  its  ES7000 
high-end  systems  with  hardware 
and  software  from  Microsoft, 
EMC  Corp.  and  others.  Blue  Bell, 
Pa.-based  Unisys  said  the  pack¬ 
aged  servers  run  Microsoft’s 
SQL  Server  database  and  can 
support  up  to  9TB  of  data. 


Short  Takes 

MICROSOFT  upgraded  two  busi¬ 
ness  applications  that  it  acquired 
in  its  July  purchase  of  Danish 

vendor  Navision  A/S _ A  U.S. 

District  Court  judge  in  Texas  re¬ 
jected  INTEL  CORP.’s  request  to 
reconsider  a  ruling  that  Intel’s 
Itanium  processors  infringe  on 
patents  held  by  Huntsville,  Ala.- 
based  Intergraph  Corp. 


Many  incidents  go 
unreported,  World 
Bank  official  says 


BY  DAN  VERTON 

he  number  of  orga¬ 
nized  hacking  syndi¬ 
cates  targeting  fi¬ 
nancial  institutions 
around  the  world  is  growing  at 
a  disturbingly  fast  rate.  And  so 
is  the  number  of  banks  willing 
to  pay  these  high-tech  extor¬ 
tionists  hush  money  to  protect 
their  reputations,  according 
to  a  security  expert  at  The 
World  Bank. 

Cases  in  which  banks,  bro¬ 
kerage  firms  and  other  finan¬ 
cial  institutions  have  quietly 
paid  hacking  syndicates  extor¬ 
tion  money  are  “extremely 
widespread,”  said  Tom  Keller- 
mann,  senior  data  risk  man¬ 
agement  specialist  at  The 
World  Bank  in  Washington. 
Kellermann,  who  co-authored 
a  study  on  the  electronic  secu¬ 
rity  risks  facing  the  global  fi¬ 
nancial  community,  presented 
the  findings  during  an  Oct.  29 
online  seminar  sponsored  by 
Cable  &  Wireless  Internet 
Services  Inc.  in  Vienna,  Va. 

The  127-page  study  details 
the  growing  security  chal¬ 
lenges  facing  the  financial  sec¬ 
tor  as  a  result  of  the  industry’s 


unprecedented  dependence 
on  the  public  telecommunica¬ 
tions  system,  rapid  adoption 
of  wireless  systems  and  out¬ 
sourcing  of  operations  to  third 
parties. 

And  the  growing  depen¬ 
dency  on  Internet  technolo¬ 
gies  that  are  linked  to  sensitive 
back-end  systems,  such  as  cus¬ 
tomer  databases  and  real-time 
stock  data,  has  made  online  ex¬ 
tortion  a  major  “safety  and 
soundness  issue”  for  the  finan¬ 
cial  markets,  Kellermann  said. 

80%  Go  Unreported 

Kellermann  cited  reports  from 
Framingham,  Mass.-based  IDC 
and  Stamford,  Conn. -based 
Gartner  Inc.  that  indicate  that 
roughly  80%  of  cybercrime  in¬ 
cidents  in  the  financial  sector 
go  unreported  to  law  enforce¬ 
ment  agencies. 

Moreover,  he  contends  that 
IT  employees  keep  many  of 
these  incidents  from  senior 
banking  executives  “due  to  the 
reality  that  they  may  be  fired.” 
Banks  don’t  report  these  inci¬ 
dents  mainly  because  they 
want  to  maintain  customer 
and  investor  trust,  according 
to  Kellermann. 

At  the  same  time,  massive 
underreporting  has  created  a 
vicious  catch-22  for  an  indus¬ 
try  that  continues  to  struggle 
with  dwindling  budgets.  “It 


has  a  magnifying  effect  be¬ 
cause  there’s  no  actuarial  data 
to  justify  the  extra  expense  on 
security,”  said  Kellermann. 
“We  are  losing  this  war.” 

Budget  issues  have  also  led 
banks  and  other  financial 
companies  to  outsource  oper¬ 
ations.  But  that  can  have  disas¬ 
trous  consequences  for  hun¬ 
dreds  of  banks  at  once  if  the 
hosting  company  doesn’t  im¬ 
plement  proper  security  pro¬ 
tections,  Kellermann  said.  He 
cited  an  incident  last  year  in 
which  hackers  penetrated  the 
systems  run  by  SI  Corp.,  an 
Atlanta-based  provider  of 
electronic  finance  services  to 
the  financial  industry.  The  in¬ 
cident  led  to  the  compromise 
of  more  than  300  banks,  credit 
unions,  insurance  providers 
and  investment  firms  simul¬ 
taneously. 

Coverups  Not  Common 

Security  experts  and  banking 
officials  contacted  for  this 
story  agreed  that  the  vast  ma¬ 
jority  of  incidents  go  unre¬ 
ported.  Flowever,  they  said 
they  aren’t  convinced  that  in¬ 
ternal  coverups  by  bank  IT 
personnel  are  widespread. 

“I  don’t  think  that  security 
incident  coverups  are  com¬ 
mon,”  said  Joe  Busa,  an  IT 
manager  at  Citizens  Bank  in 
Providence,  R.I.  “It  is  very 


the  lack  of  incident  reporting 
coming  out  of  the  private  sector. 
Unless  more  companies  step  for¬ 
ward  and  cooperate  with  law  en¬ 
forcement  on  prosecuting  cyber¬ 
crimes,  the  FBI's  analysis  and 
prediction  capability  won’t  im¬ 
prove,  nor  will  the  overall  state  of 
security  on  the  Internet,  he  said. 

"We  understand  that  there 
may  be  privacy  [and  public  rela¬ 
tions]  concerns,"  said  Mueller. 
“We,  as  an  organization,  have 
learned  that  you  don’t  want  us 


Lack  of  Incident  Reporting  Hinders  FBI 


Following  last  year’s  terrorist 
attacks,  FBI  Director  Robert 
Mueller  made  the  battle  against 
cybercrime  and  cyberterrorism 
the  bureau's  No.  3  priority,  be¬ 
hind  counterterrorism  and  coun¬ 
terintelligence.  But  private-sector 
cooperation  in  that  fight  remains 
woefully  inadequate,  Mueller  told 
a  meeting  of  industry  and  gov¬ 
ernment  officials  last  week. 

“We  probably  get  one-third  of 


the  [cybercrime]  reports  that  we 
would  like  to  get,”  said  Mueller, 
speaking  at  the  invitation-only 
National  Forum  on  Combating 
e-Crime  and  Cyberterrorism, 
sponsored  by  the  Arlington,  Va.- 
based  Information  Technology 
Association  of  America  (ITAA) 
and  El  Segundo,  Calif.-based 
Computer  Sciences  Corp. 

“You’re  not  enabling  us  to  do 
the  job,"  said  Mueller,  referring  to 


www.computerworld.com 
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Security 
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5.  Intrusion-detection  systems 
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'Operationally  Critical  Threat,  Asset  and 
Vulnerability  Evaluation  methodology  for 
conducting  threat  assessments.  Developed 
by  CERT  Coordination  Center,  Pittsburgh. 

See  www.cert.org/archive/pdf/ 
OCTAVEthreatProfiles.pdf 

SOURCE:  TOM  KELLERMANN.  SENIOR  DATA  RISK 
MANAGEMENT  SPECIALIST.  THE  WORLD  BANK 

hard  to  cover  a  mistake  com¬ 
pletely  from  your  peers.” 

According  to  Gartner  ana¬ 
lyst  John  Pescatore,  all  pub¬ 
licly  traded  companies  are  re¬ 
quired  by  the  Securities  and 
Exchange  Commission  to  re¬ 
port  all  events  that  could  have 
a  material  effect  on  the  busi¬ 
ness.  However,  “there  have 
been  very  few  computer  secu¬ 
rity  incidents  serious  enough 
to  be  classified  as  a  material 
event,”  said  Pescatore.  I 


[responding]  in  raid  jackets;  you 
want  us  there  quietly.” 

ITAA  President  Harris  Miller 
said  it  is  “absolutely  critical”  that 
the  private  sector  and  the  gov¬ 
ernment  work  together,  although 
he  acknowledged  that  “the  reality 
is  that  our  interests  are  not  al¬ 
ways  in  alignment.”  However,  the 
chances  of  battling  e-crime  and 
cyberterrorism  without  the  gov¬ 
ernment’s  help  “are  literally 
zero,”  he  said. 

-  Dan  Verton 
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Saves  space. 
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Dell  j  Enterprise 

Consolidate  with  Dell  and  you’ll  need  to  find  a  new  use  for  your  old  servers. 
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your  IT  dollar. 
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Limping  Nortel  Eyes 
Corporate  Networks 


Tries  to  make 
up  for  slow  sales 
of  telecom  gear 

BY  MATT  HAMBLEN 

ORTEL  NETWORKS 
Ltd.  last  week  un¬ 
veiled  a  marketing 
strategy  focused 
on  mainstream  corporate  users, 
as  the  struggling  vendor  at¬ 
tempts  to  move  beyond  the 
still-dreary  market  for  net¬ 
working  gear  sold  to  telecom¬ 
munications  carriers. 

As  part  of  the  move,  Nortel 
also  announced  revisions  to 
three  IP  telephony  products, 
including  a  switch  that  pro¬ 
vides  electrical  power  over 
Ethernet  to  compliant  devices 
such  as  IP  phones  and  wire¬ 
less  access  points. 

Oscar  Rodriguez,  who  was 
named  president  of  Nortel’s 
enterprise  networks  division 
Oct.  3,  said  in  an  interview 
that  the  Brampton,  Ontario- 
based  company’s  increased 
focus  on  corporate  users  be¬ 
gan  percolating  a  year  ago. 
“The  work  you  see  wasn’t  done 
overnight,”  he  said,  adding  that 
Nortel  will  emphasize  integra¬ 
tion  of  voice  and  data  but 
won’t  force  users  to  give  up 
legacy  networking  systems. 

Users  and  analysts  wel¬ 


comed  the  strategic  move  by 
Nortel,  especially  in  light  of  the 
nearly  60,000  jobs  the  compa¬ 
ny  has  cut  since  early  last  year. 

“It’s  clear  to  me  that  Nortel 
is  here  to  stay,  but  it  was  pain¬ 
fully  obvious  12  months  ago 
that  something  was  really  bro¬ 
ken,”  said  John  Haltom,  net¬ 
work  director  at  Erlanger 
Health  System  in  Chattanooga, 
Tenn.  Erlanger  has  bought 
about  $2.5  million  worth  of 
Nortel  equipment  during  the 
past  year,  including  450  net¬ 
work  nodes  and  500  IP  tele¬ 
phones,  he  said. 

Haltom  said  he  “did  a  lot  of 
homework”  before  picking 
Nortel  as  his  lead  networking 
supplier  over  Cisco  Systems 
Inc.  and  Paris-based  Alcatel. 
He  said  that  last  summer  he 
noticed  a  marked  difference  in 
how  sales  and  service  teams 
from  different  Nortel  divisions 
were  working  together  and 
responding  faster  to  his  ques¬ 
tions  and  requests.  “If  they 
follow  anything  close  to  the 
path  of  the  last  12  months, 
they  are  going  to  still  be  a 
viable  force  to  contend  with,” 
Haltom  said. 

Mark  Fabbi,  an  analyst 
at  Gartner  Inc.  in  Stamford, 
Conn.,  said  the  corporate  net¬ 
working  push  is  important  for 
Nortel.  “The  service  provider 


business  Nortel  once  had  is 
bad  today,”  he  said.  “They  had 
ignored  the  enterprise  for  a 
while,  and  there  were  even 
rumors  a  year  ago  that  they’d 
get  rid  of  the  enterprise  focus. 
But  that’s  been  put  to  bed.” 

Back  to  Break-Even 

Nortel’s  overall  technology 
is  solid,  Fabbi  added.  And 
while  the  company  is  strug¬ 
gling  financially,  it  has  “a  pret¬ 
ty  decent  cash  position”  and 
should  be  able  to  use  the  in¬ 
creased  corporate  focus  to 
get  back  to  break-even  perfor¬ 


mance  by  next  year,  he  said. 

Rodriguez  said  Nortel  will 
emphasize  several  themes 
important  to  corporate  users: 
security,  regardless  of  the  de¬ 
vice;  convergence  of  technolo¬ 
gies  such  as  voice,  video  and 
data;  network  management 
capabilities;  built-in  scalability; 
and  support  for  fail-safe  net¬ 
work  operations. 

An  example  of  the  new 
technology  Nortel  plans  to 
offer  is  presence  awareness, 
which  is  due  to  become  gen¬ 
erally  available  in  the  spring 
as  part  of  the  CSE  MX,  an  IP- 
based  private  branch  exchange 
switch.  Based  on  a  user’s  pref¬ 
erences,  the  switch  will  auto¬ 
matically  move  calls  from  land¬ 
line  phones  to  cell  phones  or 
take  voice-mail  messages  and 
convert  them  to  text  e-mail, 
Rodriguez  said.  I 


NEW  PRODUCTS 


New  Gear 

Networking  devices  Nortel 
announced  last  week  include 
the  following: 

THE  BAYSTACK  460,  a  switch 
providing  integrated  electrical 
power  over  Ethernet.  Available 
in  January,  it  starts  at  $3,495. 

RELEASE  2.0  of  its  Succession 
Communication  Server  for  Enter¬ 
prise  1000,  an  IP-based  private 
branch  exchange  device  that  can 
handle  1,000  users  per  server,  an 
increase  from  640  previously. 
Pricing  starts  at  $625  per  line. 

CALLPILOT  RELEASE  2.0, 

an  upgraded  unified  messaging 
product  that  supports  full  Web 
access  and  adds  new  systems 
management  and  security  fea¬ 
tures.  Pricing  ranges  from  $100 
to  $200  per  client. 


Lucent  Stops  Work  on  Telecom  Switch 


Lucent  Technologies  Inc.  last 
week  confirmed  that  it’s  shutting 
down  development  of  its  TMX 
880  core  network  switch,  which 
was  being  developed  for  use  by 
telecommunications  companies. 

The  TMX  880,  announced 
last  November,  was  based  on 
Multiprotocol  Label  Switching 
(MPLS)  technology.  It  had  been 
in  trials  with  prospective  users 
and  was  being  positioned  as  a 
follow-on  device  to  Lucent's 
6X  550  Asynchronous  Transfer 
Mode  (ATM)  switch. 

Lucent  spokesman  Richard 


Muldoon  said  the  discontinua¬ 
tion  doesn’t  mean  that  the  Mur¬ 
ray  Hill,  N.J.-based  company 
is  abandoning  MPLS  technol¬ 
ogy.  He  noted  that  CEO  Patricia 
Russo  said  last  month  that  Lu¬ 
cent  would  continue  to  invest 
in  MPLS  and  enhancements  to 
the  6X  550,  as  well  as  its  CBX 
500  edge  switch  ||d  PSAX 
edge  concentrator. 

In  the  company’s  fourth-quar¬ 
ter  earnings  call  Oct.  23,  Russo 
talked  of  focusing  on  products 
that  are  part  of  “near  and  clear” 
market  opportunities,  said  Mul¬ 


doon.  He  called  ATM  a  “living 
market”  for  Lucent,  which  has 
reported  losses  for  10  straight 
quarters. 

Tom  Nolle,  an  analyst  at  CIM1 
Corp.  in  Voorhees,  N.J.,  said 
Lucent  wasn’t  getting  demand 
"at  all”  for  the  TMX  880  and  was 
having  problems  meeting  feature 
delivery  requirements. 

But  contrary  to  the  continued 
faith  that  the  company  is  putting 
in  the  GX  550  and  CBX  500, 
killing  the  TMX  880  “almost 
forces  Lucent  to  sell  off  the  re¬ 
mainder  of  the  500/550  product 
set,”  Nolle  said. 

-Matt  Hamblen 


Continued  from  page  1 

J.P.  Morgan 

J.R  Morgan  Chase  said  there 
was  talk  within  the  bank  that 
a  final  decision  could  be  made 
as  early  as  this  week.  But  a 
consultant  who  works  closely 
with  the  company  said  a  high- 
ranking  IT  official  told  him 
that  a  deal  wouldn’t  happen 
so  soon.  Another  source  told 
Cornputerworld  that  any  agree¬ 
ment  probably  wouldn’t  be 
made  until  year’s  end. 

A  spokesman  for  J.P.  Mor¬ 
gan  Chase  declined  to  com¬ 


ment  on  the  situation,  as  did 
officials  from  IBM  and  EDS. 

The  J.P.  Morgan  Chase 
spokesman  also  wouldn’t  dis¬ 
close  the  company’s  annual 
IT  budget  or  the  size  of  its  IT 
staff.  Octavio  Marenzi,  manag¬ 
ing  director  at  Celent  Commu¬ 
nications  LLC,  a  Cambridge, 
Mass.-based  financial  services 
and  IT  consulting  firm,  esti¬ 
mated  that  the  bank’s  2002  IT 
budget  is  about  $4.7  billion. 

Outsourcing  isn’t  entirely 
new  to  J.P.  Morgan  Chase, 
which  was  formed  in  Decem¬ 
ber  2000  through  the  merger 
of  Chase  Manhattan  Corp.  and 


J.P.  Morgan  &  Co.  In  1996,  J.P. 
Morgan  outsourced  one-third 
of  its  global  information  sys¬ 
tems  and  telecommunications 
operations  to  a  group  of  four 
vendors  in  a  seven-year,  $2  bil¬ 
lion  agreement. 

One  of  those  vendors  was 
Computer  Sciences  Corp.  An 
IT  consultant  last  week  said 
El  Segundo,  Calif.-based  CSC 
might  play  a  tangential  role 
in  supporting  either  IBM  or 
EDS  if  J.P.  Morgan  Chase  does 
award  one  of  them  a  contract. 

The  outsourcing  delibera¬ 
tions  come  at  a  time  when  J.P. 
Morgan  Chase’s  executives 


are  under  pressure  because  of 
recent  financial  results.  The 
bank  last  month  said  its  third- 
quarter  earnings  dropped 
from  $1.1  billion  last  year  to 
$325  million,  excluding  special 
items.  The  biggest  problems 
occurred  within  its  invest¬ 
ment  banking  unit,  which 
posted  an  operating  loss  of 
$256  million. 

Marenzi  said  a  large  number 
of  investment  banks  are  con¬ 
sidering  outsourcing  because 
of  cost  pressures.  But  banks 
often  “don’t  know  the  costs  of 
running  their  [IT]  operations,” 
which  makes  it  harder  to  de¬ 


cide  whether  outsourcing 
would  save  money,  he  said. 

In  addition  to  their  potential 
for  lowering  costs,  outsourc¬ 
ing  megadeals  can  provide  “a 
short-term  revenue  bump”  for 
customers  who  sell  their  IT 
equipment  and  facilities  to  the 
outsourcing  vendor,  said  Larry 
Tabb,  an  analyst  at  Tower- 
Group  in  Needham,  Mass.  ► 


MORE  ON  OUTSOURCING 

For  full  coverage  of  IT  outsourcing  deals 
and  issues,  head  to  our  IT  Management 
Knowledge  Center: 
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FREE  white  paper  -  Avoiding 
Costs  from  Oversizing  Data 
Center  Infrastructure  Better 
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Legendary  Reliability" 


You  no  longer  need  to  design  your  data  center  using  an  outmoded  approach. 

From  IkW  to  5MW,  APC  PowerStruXure™ 
architecture  provides  a  patent-pending, 
systematic  approach  to  building  data  center 


infrastructure  utilizing  standardized,  pre¬ 
assembled  components. 


components  and  a  pay-as-you-grow  approach. 
Modular  system  components  are  easily 
replaceable,  decreasing  repair  times. 


Lower  Costs 

PowerStruXure's 
scalable,  modular 
design  lets  you 
build  out  your 
capacity  only  as 
it's  required, 
optimizing  your 
CapEx. 


The  simplicity  of 
design  lowers 
OpEx  and  lessens 
your  dependency 
on  expensive  service  contracts. 


Traditional  data  centers  are 
built  out  for  future  capacity 
and  require  a  large  amount 
of  floor  space  that  could  be 
otherwise  utilized. 


Adapt  to  unexpected  contingencies 

With  PowerStruXure,  there's  no  need  to 
abandon  your  previous  investment  -  whether 

you  need  to 


AFTER 


PowerStruXure  lets  you  build 
out  capacity  only  as  it's  required. 
Save  up  to  50%  CapEx  and 
20%  OpEx*  and  reclaim  an 
average  of  20%  usable  space. 


physically  move 
your  data  center 
or  adapt  to  tech¬ 
nology  refreshes. 

Vendor-neutral 

Best  of  all, 
you  will  never 
be  boxed  in  by 
proprietary 
solutions. 
PowerStruXure 


Reclaim  space 

PowerStruXure's  rack-optimized  design  lets 
you  reclaim  an  average  20%  of  useable  space 
within  your  installation  that  was  previously 
needed  for  infrastructure  equipment. 


is  compatible  with  all  major  server  and 
internetworking  platforms,  including 
HP/Compaq,  Dell,  IBM,  Sun,  Cisco,  Lucent, 
and  Nortel,  guaranteed. 


HP/COMPAQ  •  SUN  •  IBM 


COMPATIBILITY 


DELL  •  CISCO  •  LUCENT 


With  “Fits  Like 
a  Glove" money 
back  guarantee! 
See  Web  Site 
below  for  details. 


"/  enjoy  the  fact  that  I  can 
buy  only  what  I  need  now 
and  add  to  it  later  only  when 
I  need  to.” 

Michael  Touchstone 

Manager  of  Energy 
Conservation, 

Cox  Communications 


Winner  of  the  Windows  and  .Net  Magazine 
"2002  Header's  Choice  Award  for  Best  High  Availability 
Solution"  and  the  GCN  " Best  New  Technology  Award" 
at  FOSE,  March  2002. 


Speed  infrastructure  deployment 

PowerStruXure  dramatically  accelerates  your 
deployment  schedule  with  configure-to-order 
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US 


When  software  lets  you  use  data  to  personalize  customer  connections,  that’s  one  degree  of  separation.  The  myriad  of  choices 
available  to  online  consumers  is  staggering.  The  personal  service  available  at  traditional  businesses  is  largely  absent  online  and  the  pressure 
is  on  you  to  bring  it  back.  Microsoft®  solutions  for  Internet  business  provide  the  tools  you  need  to  build  stronger  relationships  with  your  global 
network  of  customers  and  trading  partners.  Scalable  user  and  content  profiling  allows  you  to  target  content  and  offer  more  personalized 
options  including  customer-specific  catalogs  with  custom  pricing  and  product  information. 

Now  it’s  easier  for  you  to  aggregate  profile  data  from  multiple  underlying  data  sources  to  leverage  existing  technology  investments  and 
enable  richer  profiling  capabilities.  And  with  built-in  business  analytics,  you  can  analyze  ever-changing  user  behavior  to  predict  purchasing 
and  browsing  preferences,  all  while  delivering  real-time  recommendations.  Plus,  through  direct  support  for  XML-based  data,  companies  can 
exchange  catalog  and  order  information  and  integrate  order  fulfillment  systems  for  seamless  transactions.  Find  out  how  .NET  connected 
software  can  help  you  connect  with  your  customers  better.  Go  to  microsoft.com/enterprise  Software  for  the  Agile  Business. 


>00?  Microsoft  Corporation.  All  rights  reserved.  Microsoft  and  BizTalk  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 


The  Royal  Canadian  Mint  wanted  to  reach  its  diverse  worldwide  customers,  expand  sales  of  its  products,  and  deliver  a  highly 
customized  consumer  experience,  so  they  used  the  Web  content  management  capabilities  of  Microsoft  Content  Management 
Server  integrated  with  the  e-commerce,  personalization  and  backend  data  integration  capabilities  of  Microsoft  Commerce  and 

BizTalk ®  Servers.  Now  the  Mint  can  publish  content  in  multiple  languages,  draw  on  customer 
information  from  its  legacy  database,  and  feed  online  orders  through  an  existing  ERP  system, 
enabling  the  Royal  Canadian  Mint  to  offer  customers  a  richer  and  more  personalized  experience. 
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SAP  Plans  Apps  to  Link 
Plants,  Supply  Chains 


Software  won’t  be  ready 
for  18  to  24  months 

BY  MARC  L.  SONGINI 

SAP  AG  last  week  highlighted  a  long¬ 
term  plan  to  develop  a  set  of  manufac¬ 
turing  applications  designed  to  let 
users  bolt  together  their  supply  chain 
and  shop-floor  systems. 

At  a  conference  in  Nashville  for  pro¬ 
duction  and  inventory  control  man¬ 
agers,  SAP  announced  that  it  has  set  up 
a  team  of  developers  to  focus  on  col¬ 
laborative  production  and  supply 
chain  applications  that  will  work  to¬ 
gether  as  one  system.  While  sketchy 
on  the  details  of  the  plan,  SAP  said  the 
promised  product  suite  will  integrate 
operations  ranging  from  raw  materials 
procurement  to  the  shipment  of  fin¬ 
ished  goods. 

The  envisioned  result:  improved  in¬ 
ventory  turns,  shorter  manufacturing 
cycle  times,  better  quality  manage¬ 
ment  and  a  reduction  in  overall  operat¬ 
ing  costs  and  working  capital  needs. 

Bill  Wohl,  a  spokesman  for  SAP 
America  Inc.  in  Newtown  Square,  Pa., 
said  it  will  probably  take  the  company 


18  to  24  months  to  deliver  new  or  en¬ 
hanced  applications. 

“It’s  less  a  factor  of  technological 
improvements  than  it  is  weaving 
supply  chain  management  into  the 
processes  that  make  up  manufactur¬ 
ing  solutions,”  Wohl  said.  Shop-floor 
workers  typically  have  tended  to  view 
what  they  do  as  different  from  the 
jobs  of  supply  chain  managers.  “Now 
we’re  saying,  ‘Let’s  bring  them  togeth¬ 
er,’  ”  he  said. 

A  production  manager  at  a  North 
American  maker  of  thermal  analysis 


More  From  SAP 

The  software  vendor  also  made  the 
following  supply  chain  announcements: 

NEW  LOGISTICS  EXECUTION  CAPA¬ 
BILITIES  supporting  rail  car  management 
and  customer  freight  invoicing  have  been 
added  to  its  mySap  Supply  Chain  Manage¬ 
ment  applications. 


MORE  THAN  70  HIGH-TECH  COMPA¬ 
NIES,  including  Hewlett-Packard  Co.  and 
Motorola  Inc.,  are  using  the  supply  chain 
software. 


instruments  that’s  part  of  a  manufactur¬ 
ing  group  based  in  Europe  said  SAP’s 
initiative  is  conceptually  appealing  — 
especially  if  it  could  help  users  cut  fax¬ 
ing  and  other  manual  data-sharing  proc¬ 
esses  out  of  the  manufacturing  cycle. 

“I’m  a  small-shop  operator,  but  we 
work  for  a  big  company,”  said  the  man¬ 
ager,  who  requested  anonymity.  His 
operation  uses  the  materials  manage¬ 
ment,  accounting  and  sales  order  entry 
applications  from  SAP’s  R/3  enterprise 
resource  planning  (ERP)  suite  and  has 
tied  them  into  a  central  R/3  system  in 
Europe.  But  it  would  be  a  big  help  to 
have  applications  that  could  send  data 
to  company  headquarters  when  prod¬ 
ucts  are  shipped  to  customers,  he  said. 

David  Dobrin,  an  analyst  at  B2B  An¬ 
alysts  Inc.  in  Cambridge,  Mass.,  said 
he’s  skeptical  about  SAP’s  ability  to  de¬ 
liver  on  its  integration  promise.  So  far, 
no  ERP  vendor  has  successfully  linked 
its  manufacturing  or  back-office  appli¬ 
cations  to  shop-floor  production  sys¬ 
tems  in  a  meaningful  way,  according  to 
Dobrin.  Shop-floor  machines  “don’t  fit 
well  with  ERP  systems,”  he  said. 

“This  is  a  good  first  step  but  still 
does  not  make  SAP  competitive  in 
most  manufacturing  industries  at  the 
shop-floor  level,”  said  Karen  Peterson, 
an  analyst  at  Gartner  Inc.  in  Stamford, 
Conn.  For  users  with  basic  data-inte- 
gration  needs,  the  plan  should  “enable 
a  tighter  coupling  of  the  shop  floor 
with  the  top  floor,”  she  added.  I 


Kapor  Sets  Up  Group  to  Write  Open-Source  Software 


Foundation  will  develop 
personal  information 
manager  applications 


BY  TODD  R.  WEISS 

As  a  co-founder  and  CEO  of  Lotus  De¬ 
velopment  Corp.,  which  is  now  part 
of  IBM,  Mitchell  Kapor  helped  make  the 
PC  useful  for  business  applications  by 
creating  the  Lotus  1-2-3  spreadsheet. 

In  1990  he  helped  form  the  Electronic 
Frontier  Foundation,  a  nonprofit  civil 
liberties  group.  Kapor,  who  turned  52 
Friday,  spoke  with  Computer-world  last 
week  about  his  latest  project:  building 
an  open-source  personal  information 
manager  (PIM)  application. 

How  did  this  PIM  project,  code-named 
Chandler,  come  about,  and  why  did  you 
begin  it?  The  idea  in  general  is  to  create 
more  and  better  opportunities  for  peo¬ 
ple,  especially  people  who  are  less  well 
served,  like  people  on  Macs  or  Linux, 


and  also  small  to  medium-size  organi¬ 
zations.  To  get  advanced  collaboration 
features,  whether  you’re  using  Micro¬ 
soft  Exchange  or  Lotus  Notes,  you 
need  a  big  server.  Big  companies  com¬ 
plain  about  how  much  it  costs,  and 
small  companies  can’t  afford  it. 

But  why  build  an  open-source  PIM  in  a 
market  dominated  by  Exchange,  Notes  and 
others?  Innovation  in  the  commercial 
space  has  really  come  to  a  standstill. 
Some  of  that  is  due  to  Microsoft’s 
dominant  position,  which  makes  it 
foolish  to  try  to  raise  venture  capital 
to  start  a  new  company.  The 
PIM  has  become  in  the  Internet 
era,  for  many  people,  the  single 
most  important  application  that 
they  use,  because  people  spend 
huge  amounts  of  time  with 
their  e-mail.  I  think  there  are 
lots  of  opportunities  to  make 
improvements. 

Why  did  you  create  a  nonprofit 


foundation,  the  Open  Source  Applications 
Foundation,  as  a  base  for  this  effort?  I 

wanted  to  send  a  very  clear  signal  that 
this  is  not  a  vehicle  for  personal  eco¬ 
nomic  ambition.  Developers  who  con¬ 
tribute  won’t  feel  ripped  off. 

Critics  might  say  you’re  doing  this  to  jab 
Microsoft  in  the  gut  for  personal  satisfac¬ 
tion,  because  of  its  domination  of  the  desk¬ 
top  software  market.  Are  they  onto  some¬ 
thing?  I  am  on  the  record  about  being 
unhappy  about  Microsoft’s  behavior 
on  a  number  of  occasions.  But  that’s 
not  a  sustaining  motivation.  The  idea 
is  not  to  take  on  Microsoft.  If 
we’re  successful,  there  will  be 
niche  adoption  of  the  product. 

When  will  the  PIM  be  available  to 
users?  Optimally,  there  will  be  a 
first  release  in  the  fourth  quar¬ 
ter  of  2003  or  the  beginning  of 
2004.  We’ll  have  things  for  de¬ 
velopers  to  play  with  by  the 
end  of  this  year.  • 
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States  Push  to  Require 
Online  Sales  Tax  Collection 


Users  wonder  if 
systems  will  be  able  to 
handle  the  workload 


BY  PATRICK  THIBODEAU 

A  push  by  revenue-hungry  states  to 
simplify  the  sales  tax  system  and  re¬ 
quire  all  online  sellers  of  goods  to  col¬ 
lect  taxes  is  beginning  in  earnest.  And 
it’s  causing  retailers  such  as  Wal-Mart 
Stores  Inc.  to  fret  about  how  the  new 
tax-collection  approaches  would  work. 

Officials  from  states  that  are  in¬ 
volved  in  the  effort  will  meet  next 
week  in  Chicago  to  ratify  a  proposed 
agreement  on  sales  tax  simplification 
plans.  In  order  to  win  congressional 
approval  for  the  mandatory  collection 
of  taxes  on  Internet  sales,  the  group 
needs  to  make  it  easier  for  businesses 
to  collect  and  remit  the  taxes. 

Dave  Bullington,  a  vice  president  at 
Bentonville,  Ark.-based  Wal-Mart,  said 
the  simplification  effort  is  “extremely 
important”  because  retailers  now  face 
a  daunting  mix  of  tax  rules  from  state 
to  state.  Companies  are  also  subject  to 
sudden  rate  changes  that  often  leave 
them  with  little  time  to  adjust  their 
systems,  he  added. 

But  Wal-Mart  and  other  interested 
users  are  unsure  how  well  the  new  tax- 
collection  processes  will  work  in  real- 
world  applications.  For  example,  O.C.  I 


Microsoft  to 
Limit  Office  It 
To  Win  2k,  XP 

New  version  won’t  run 
on  older  OS  releases 

BY  MATT  BERGER 

Microsoft  Corp.  last  week  said  the  next 
release  of  its  Office  software  will  work 
only  on  PCs  that  are  running  Windows 
XP  or  Windows  2000,  the  latter  with  ! 
the  company’s  Service  Pack  3  release 
of  bug  fixes  and  functionality  updates. 

A  Microsoft  spokeswoman  said 
the  software  vendor  could  change  its 
plans  if  it  receives  overwhelming  feed¬ 
back  from  users  of  older  operating  sys¬ 
tems.  But  Microsoft  cited  security  and 


Sales  Tax  Update 


WHAT’S  NEXT:  States  will  meet  Nov.  12  to 
finalize  tax  simplification  agreement. 

WHY  irs  NEEDED:  A  state  can’t  force 
retailers  to  collect  sales  taxes  unless  the 
sellers  have  a  physical  presence  in  the  state. 
By  simplifying  and  automating  tax  collec¬ 
tion,  the  states  hope  to  persuade  Congress 
to  change  that  requirement. 

TECHNOLOGY:  Remote  transaction  servers 
are  being  developed.  Vendors  would  assume 
tax  collection  obligations. 

CERTIFICATION:  Large  businesses  will 
likely  seek  in-house  certifications  that, 
ideally,  would  give  them  certain  protections 
from  audits  if  their  systems  meet  certain 
standards.  Vendors  may  also  be  able  to  sell 
software  that  does  the  same. 

Tanner  Co.,  a  Salt  Lake  City-based 
company  that  created  the  medals 
for  the  2002  Winter  Olympic  Games, 
tested  a  remote  transaction  server  as 
part  of  a  technology  pilot  program  for 
automating  sales  tax  collections. 

Tanner  relied  on  a  remote  server 
operated  by  Taxware,  a  division  of 
GovOne  Solutions  LP,  to  process  sales 
taxes  on  a  special  Web  site  that  sold 
merchandise  related  to  the  Olympics. 
Brad  Lemke,  lead  developer  in  Tan¬ 
ner’s  e-commerce  section,  said  the  sys¬ 
tem  worked  well. 


compatibility  issues  related  to  the 
versions  of  Windows  that  predate 
Windows  2000  as  the  main  reason  for 
its  decision. 

The  disclosure  came  a  week  after 
Microsoft  started  beta-testing  the 
Office  upgrade,  which  is  code-named 
Office  11  [QuickLink  33820],  The  com¬ 
pany  confirmed  the  planned  operating 
system  limits  after  BetaNews,  a  Web 
site  devoted  to  information  about 
products  under  development,  reported 
that  a  Microsoft  developer  had  posted 
information  about  the  limits  on  a  mes¬ 
sage  board  for  Office  11  beta  testers. 

Paul  DeGroot,  an  analyst  at  Direc¬ 
tions  on  Microsoft  Inc.  in  Kirkland, 
Wash.,  said  new  features  that  are 
expected  to  make  it  into  Office  11 
might  require  more  advanced  technol¬ 
ogy  and  security  than  what’s  available 
in  older  versions  of  Windows. 

“To  some  extent,  Microsoft  may  just 
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be  being  fairly  realistic  about  the  mar¬ 
ket,”  he  said.  “They’ve  got  a  product 
that  might  not  run  well  on  the  typical 
Windows  98  machine.” 

But  DeGroot  added  that  Microsoft’s 
decision  also  could  be  an  effort  to 
drive  more  users  to  upgrade  to  its 
most  recent  operating  system  releases. 
“Certainly,  there’s  not  a  lot  of  incen¬ 
tive”  for  Microsoft  to  support  back¬ 
ward  compatibility,  he  said.  “They 
want  you  to  upgrade.” 

Microsoft  limited  the  initial  beta 
release  of  Office  11  to  a  few  thousand 
users.  The  software  is  due  to  undergo 
wider  testing  early  next  year  and  is  ex¬ 
pected  to  be  released  for  general  ship¬ 
ment  in  mid-2003,  with  a  variety  of 
new  features  that  take  advantage  of 
XML  technology.  I 


Berger  is  a  reporter  for  the  IDG 
News  Service. 


But  because  the  pilot  was  limited  to 
four  states,  Lemke  said  he’s  uncertain 
whether  remote  transaction  servers 
could  handle  the  much  greater  transac¬ 
tion  load  generated  by  Tanner’s  main 
retail  systems. 

“I  would  certainly  have  to  be  con¬ 
vinced  that  it  would  perform  well,” 
Lemke  said. 

Wal-Mart  isn’t  likely  to  use  a  remote 
transaction  server  to  automate  its  on¬ 
line  sales  tax  processing. 

“The  last  thing  we  need  to  do  is 
overload  the  telecommunications 
industry  with  trying  to  tie  duplicate 
numbers  of  telephone  lines  into  every 
register  for  tax  rate  calculations,”  said 
Robert  Jenner,  director  of  sales  and  use 
tax  compliance  at  Wal-Mart. 

But  the  retail  giant  is  interested  in 
an  alternative  plan  being  crafted  by 
the  states.  Under  the  plan,  a  company’s 
in-house  tax  systems  would  be  certi¬ 
fied  to  be  in  compliance  with  sales  tax 
rules  if  they  met  certain  performance 
and  accuracy  levels. 

Twenty  to  30  states  are  expected  to 
pursue  online  sales  tax  legislation.  As 
soon  as  proponents  get  10  states  repre¬ 
senting  20%  of  the  U.S.  population  to 
simplify  tax  rules,  they  can  seek  con¬ 
gressional  approval  for  mandatory  sales 
tax  collections,  said  Diane  Hardt,  a  Wis¬ 
consin  tax  official  and  co-chairman  of 
the  Streamlined  Sales  Tax  Project. 

The  states  also  plan  to  arrange  a 
new  technology  pilot  test,  according 
to  Hardt.  Although  there  were  three 
vendors  in  the  first  pilot,  only  Salem, 
Mass.-based  Taxware,  working  with 
subcontractor  Hewlett-Packard  Co., 
got  a  system  operating.  I 
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Users  Continue  to  Feel 
Pain  on  Navy’s  Intranet 

Officials  say  problems  stem  from 
increased  security,  ‘growing  pains’ 


BY  DAN  VERTON 

he  u.s.  navy’s  tran¬ 
sition  to  a  $6.9  bil¬ 
lion  outsourced  in¬ 
tranet  is  still  plagued 
with  problems,  according  to  a 
half-dozen  Navy  IT  managers 
and  a  source  inside  Electronic 
Data  Systems  Corp.,  the  proj¬ 
ect’s  prime  contractor. 

The  sources  said  users  of 
the  Navy-Marine  Corps  In¬ 
tranet  (N/MCI)  struggle  with 
network  slowdowns,  failed 
e-mail  messages,  locked-down 
desktops  that  restrict  applica¬ 
tion  flexibility,  and  delays  in 
fielding  N/MCI-compatible 
workstations  for  science  and 
technology  workers. 

The  Navy  and  EDS  ac¬ 
knowledged  that  there  have 
been  incidents  of  network 
slowdowns  and  lost  e-mails. 


But  they  said  those  are  rare 
cases  that  are  often  the  result 
of  new,  stricter  security  re¬ 
quirements  put  in  place  as 
part  of  the  contract. 

“Many  of  the  issues  that 
have  come  up  over  Internet 
access  and  network  speed 
have  to  do  with  vastly  in¬ 
creased  security  protocols 
that  N/MCI  must  adhere  to,” 
said  Navy  Capt.  Chris  Christo¬ 
pher,  staff  director  of  the 
N/MCI  office.  “As  with  any 
transition  from  an  old  to  a 
new  network,  there  will  be 
growing  pains.” 

Slow  E-Mail,  and  More 

Problems  with  N/MCI,  which 
is  being  developed  under  a 
contract  awarded  to  Plano, 
Texas-based  EDS  in  October 
2000,  were  reported  last 


spring  by  some  early  users  of 
the  intranet.  In  interviews  last 
month,  sources  said  the  glitch¬ 
es  haven’t  been  eliminated. 

“Sending  e-mail  is  no  longer 
a  sure  thing,”  said  a  user  in 
Yorktown,  Va.  “I  now  send  all 
e-mails  from  both 
my  N/MCI  and 
legacy  accounts  to 
ensure  everyone 
gets  them.”  Like 
the  other  users 
contacted  by  Com- 
puterworld,  the 
one  in  Yorktown  requested 
anonymity. 

A  user  on  the  West  Coast 
said  productivity  has  de¬ 
creased  dramatically  since  the 
switch  to  N/MCI  because  of 
slower  network  performance. 
Other  users  complained  about 
new  PCs  that  are  missing 
plug-in  software  and  other  ap¬ 
plications  that  are  part  of  the 
N/MCI  installation  disk. 

Meanwhile,  frustration  lev¬ 


els  have  increased  as  a  result 
of  what  many  consider  to  be 
overly  restrictive  software 
policies  that  dictate  to  local  IT 
managers  what  software  they 
can  load  on  systems. 

More  than  400,000  desktop 
systems  are  due  to  be  connect¬ 
ed  to  the  intranet  when  its 
rollout  is  completed  in  2005. 
To  date,  more  than  33,000  user 
PCs  have  been  transitioned  to 
N/MCI,  and  EDS  has  taken 
over  control  of  94,000  seats  at 
100  locations. 

The  vast  major¬ 
ity  of  the  initial 
seats  were  located 
“at  the  most  com¬ 
plex  Navy  sites,” 
which  may  ex¬ 
plain  some  of  the 
early  glitches,  said  Kevin 
Clarke,  a  spokesman  for  EDS. 

The  Navy  last  month  re¬ 
laxed  its  Web  content  filtering 
policy  for  N/MCI  users,  said 
Clarke.  Likewise,  EDS  made 
upgrades  last  month  to  ad¬ 
dress  congestion  at  the  securi¬ 
ty  boundaries  of  N/MCI  that 
has  led  to  network  slowdowns. 
Clarke  said  tests  show  that 
network  performance  is  well 
within  acceptable  levels.  I 


Trouble 

Timeline 


JUNE  2000 

The  original  contract  award 
date  is  delayed  by  congression¬ 
al  concerns  about  the  Navy’s 
use  of  “operational  funds”  to 
pay  for  the  contract. 

OCTOBER  2000 
After  a  second  delay,  EDS  is 
awarded  the  N/MCI  contract. 
But  Congress  expresses  con¬ 
cern  about  the  “unprecedent¬ 
ed”  scope  and  expense  of  the 
intranet  project. 

MAY  2002 

60,000  pilot  seats  pass  the 
first  test  and  evaluation  phase. 
However,  interna!  EDS  memos 
reveal  delays  and  technical 
problems.  One  major  Navy  unit 
initiates  a  stop-deployment  or¬ 
der,  citing  “inoperative  func¬ 
tionalities.” 


OCTOBER  2002 
Some  users  cite  continued 
problems  such  as  network 
slowdowns  and  lost  e-mails. 
Navy  and  EDS  officials  point  to 
increased  security  and  expect¬ 
ed  start-up  glitches. 


N/MCI  BACKGROUND 

To  read  previous  Computerworld 
coverage  of  the  N/MCI  project, 
visit  our  Web  site: 

O  QuickLink  30073 
www.computerworld.com 


Visa  Eyes  Voice  Recognition  for  Online  Purchases 


Initial  voice  focus 
is  on  resetting 
worker  passwords 

BY  LUCAS  MEARIAN 

Visa  International  Inc.  is  test¬ 
ing  voiceprint  authentication 
technology  that  eventually 
could  be  used  by  the  compa¬ 
ny’s  member  banks  to  let  cred¬ 
it  card  holders  speak  into  their 
PCs  to  verify  online  purchases. 

Visa’s  initial  usage  is  inter¬ 
nally  focused.  About  200  em¬ 
ployees  at  the  Foster  City, 
Calif.-based  company  last 
month  began  beta-testing  soft¬ 
ware  developed  by  Mountain 
View,  Calif. -based  Vocent  So¬ 
lutions  Inc.  for  use  in  resetting 
their  network  passwords. 

Visa  officials  said  they  ex¬ 
pect  Vocent’s  Voice  Secure  - 
Password  Reset  software  to 
produce  a  speedy  return  on 


investment  by  reducing  help 
desk  calls.  Visa  plans  to  go  live 
with  the  application  early  next 
year,  widening  its  rollout  to 
5,000  workers  worldwide. 

But  the  company  is  also 
considering  the  idea  of  de¬ 
ploying  companion  Vocent 
software  as  a  customer-facing 
application  sometime  next 
year.  The  software  would  cre¬ 
ate  a  digital  representation  of 
a  consumer’s  voice  and  then 
match  it  against  comments  he 
was  prompted  to  make  when 
using  a  Visa  card  to  process  an 
online  shopping  order. 

“It’s  not  invasive,  and  it’s 
very  accurate,”  said  Georgann 
Scally,  vice  president  of  alli¬ 
ance  management  at  Visa.  But 
even  if  Visa  is  confident  that 
the  voice-recognition  service 
will  work  for  consumers,  it  will 
be  up  to  the  banks  that  issue 
credit  cards  to  decide  whether 
to  install  the  required  servers 


and  software,  Scally  said. 

Visa  is  using  two  servers 
running  Windows  2000  to 
perform  the  automated  pass¬ 
word  resets  as  part  of  its  inter¬ 
nal  testing.  The  first  server 


■ 


oice  Test 


■  Vocent' s  voice-recognition 
software  is  installed  on  a  Win¬ 
dows  2000  server. 

■  Another  Windows  2000  sys¬ 
tem  is  running  software  from 
Courion  that  builds  a  database 
of  personal  information  about 
Visa  employees. 

■  The  Courion  software  con¬ 
nects  with  voiceprint  data 
stored  in  a  SQL  Server  database 
on  the  same  system. 

■  The  software  resets  passwords 
after  confirming  users’  identi¬ 
ties  through  voice  recognition. 


a 


runs  Vocent’s  applications 
along  with  software  that  inter¬ 
faces  to  Visa’s  private  branch 
exchange  telephone  system. 

The  second  server  runs 
Courion  Corp.’s  Password- 
Courier  software,  which  is  in¬ 
tegrated  with  Vocent-derived 
user  and  voiceprint  data  that’s 
stored  on  the  same  box  in  a 
Microsoft  SQL  Server  data¬ 
base.  Vocent  set  up  the  links 
by  using  application  program¬ 
ming  interfaces  developed  by 
Framingham,  Mass.-based 
Courion  (see  box). 

Fewer  Help  Desk  Calls 

Visa  averages  1,400  password 
resets  per  month,  each  one 
costing  about  $20  in  help  desk 
time,  said  Sam  Rollins,  vice 
president  for  information  se¬ 
curity  at  Visa.  When  the  Vo¬ 
cent/ Courion  system  is  fully 
deployed,  Visa  expects  to  cut 
up  to  three  quarters  of  those 


password  reset  calls,  Rollins 
added.  “It’s  more  than  just  a 
savings  in  dollars,”  he  said. 
“We’re  also  talking  about  the 
time  involved.  It  resolves  [the] 
issue  of  getting  hold  of  some¬ 
one  to  reset  the  password.” 

Rollins  wouldn’t  disclose 
the  budget  for  the  project,  but 
he  said  the  hardware  costs  and 
internal  resource  time  added 
up  to  about  $30,000.  The  test 
system  took  60  to  90  days  to 
roll  out,  he  said. 

Brad  Adrian,  an  analyst  at 
Gartner  Inc.  in  Stamford, 
Conn.,  said  voice-recognition 
technologies  suffered  during 
the  1990s  from  too  much  hype 
relative  to  their  capabilities. 
But  now  the  applications  are 
accurate  90%  to  95%  of  the 
time  and  “can  pay  for  them¬ 
selves  very  quickly,”  he  said. 

Rollins  said  Visa  previously 
tried  voice-recognition  tech¬ 
nology  from  another  vendor, 
and  it  “just  didn’t  work.”  But 
officials  are  happy  with  Vo¬ 
cent’s  software,  he  said.  I 


I  need  to  work 

from  anywhere.  Not  just 

the  nearest  outlet. 
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MARYFRAN  JOHNSON 


PIMM  FOX 


Utility  Computing  Buzz 


THERE’S  AN  OLD  newsroom  joke  that  once 
you’ve  spotted  three  of  something,  you’ve 
got  a  trend.  So  when  IBM  CEO  Sam  Palmi- 
sano  sketched  out  Big  Blue’s  big  vision  of 
“autonomic”  computing  last  week,  it  was  official: 


IBM,  Sun  and  HP  have 
joined  the  trendy  utility 
computing  club.  This 
latest  fashion  in  self- 
healing,  self-managing 
IT  environments  also 
answers  to  buzzwords 
like  grid  computing,  net 
work  resource  provi¬ 
sioning  and  data  center 
virtualization. 

Later  this  month,  HP 
will  roll  out  its  Utility 
Data  Center  architec¬ 
ture,  which  will  bulk  up  its  Open- 
View  management  software  prod¬ 
ucts  with  more  network-mapping 
capabilities  and  a  ream  of  service 
offerings  from  partners.  Sun  recent¬ 
ly  unveiled  its  N1  data  center  virtu¬ 
alization  plans,  aiming  to  automate 
computing  administration  tasks  by 
pooling  resources  such  as  servers, 
storage  and  networking  gear. 

Fundamentally,  the  trio  is  trying 
to  sort  out  the  tangled  complexities 
of  managing  the  distributed  comput¬ 
ing  environments  they  each  had  a 
share  in  creating  in  the  first  place.  In 
calling  its  approach  autonomic  com¬ 
puting,  IBM  has  repurposed  a  med¬ 
ical  term  coined  in  1898  and  usually 
associated  with  involuntary  activi¬ 
ties  of  the  nervous  system.  Interest¬ 
ing  marketing  challenges  lie  ahead 
on  that  one,  I  suspect. 

But  the  much  bigger  challenge 
will  be  in  convincing  senior  IT  man¬ 
agers  and  CIOs  to  buy  into  this  fu¬ 
turistic  vision  that  —  taken  to  its 
utility  metaphor  extremes  —  could 
make  their  jobs  irrelevant.  I  saw  this 
realization  hit  home  last  week  at  a 
CIO  gathering  in  New  York,  where 
Palmisano’s  pronouncements  caught 
everyone’s  attention.  One  CIO  from 
a  Fortune  10  company  summed  up 
the  threat  that  utility  computing 


■ 

MARYFRAN  JOHNSON  IS 

editor  in  chief  of 
erworld.  You  can  con 

her  at  maryfranjohnson® 
computerworld.cnm. 


poses  by  pointing  out 
that  once  computing  ser¬ 
vices  can  be  delivered 
like  electricity  via  an  out¬ 
let  in  the  wall,  “we’re  all 
out  of  a  job.” 

Do  you  know  any  chief 
electricity  officers?  Me 
neither. 

Now,  I’m  sure  it’s  just  a 
wild  coincidence  that  this 
shared  vision  of  utility 
computing  would  enable 
the  Big  Three  to  sell  you 
massive  amounts  of  software  and 
services.  IBM,  Sun  and  HP  execu¬ 
tives  don’t  talk  about  pricing  or  li¬ 
censing  costs  when  they’re  busy  be¬ 
ing  visionaries,  of  course. 

But  they’ve  done  their  math,  and 
they’ve  calculated  a  bleak  bottom 
line,  since  they  can’t  count  on  hard¬ 
ware  sales  to  roar  back.  IBM,  for  ex¬ 
ample,  expects  the  share  of  its  prof¬ 
its  that  hardware  sales  account  for 
to  sink  from  58%  in  2000  to  42%  by 
2005.  Software  and  services,  howev¬ 


er,  are  expected  to  rise  briskly,  from 
29%  of  profits  in  2000  to  41%  in 
2005.  Trends  in  IT  spending  over  the 
past  decade  confirm  that  software 
and  services  are  rising  while  hard¬ 
ware  is  dropping. 

IBM,  Sun  and  HP  executives  are 
also  making  the  usual  vague  claims 
of  how  businesses  will  “save  money 
and  gain  competitive  advantage” 
through  utility  service  computing 
models,  although  there’s  not  a  shred 
of  proof  in  sight.  The  search  for  fel¬ 
low  business  users  of  grid  comput¬ 
ing  is  like  the  search  for  extraterres¬ 
trials  —  intellectually  engaging  but  a 
bit  lonely.  Yet  grid  computing,  in 
which  distributed  networks  of  data 
centers  can  be  virtualized  to  work  as 
one,  does  hold  great  promise. 

The  appeal  of  reducing  complexity 
and  better  utilizing  overbuilt  infra¬ 
structures  will  drive  corporate  inter¬ 
est  in  innovations  such  as  grid  com¬ 
puting  and  shared  utility  services. 

But  IT  will  need  to  watch  the  stan¬ 
dards  side  of  these  product  rollouts 
vigilantly,  because  making  it  all  work 
together  will  call  for  unprecedented 
levels  of  integration.  And  no  vendor 
knows  your  business  the  way  you  do. 

In  the  meantime,  keep  your  road 
maps  handy,  and  kick  the  tires  hard 
on  this  one.  I 


Use  Those 
Vendor 
Freebies 

THE  BEST  things  in  life 
are  seldom  free.  How¬ 
ever,  if  you  happen  to 
be  a  developer,  there  are  a  lot 

of  good  things  that  are  free. 

The  open-source  programming 
world  is  replete  with  examples.  Perl, 
Tel,  MySQL  and,  of  course,  Linux  are 
all  there  for  the  taking. 

There  are  even  more  tools  from 
mainstream  vendors  hoping  to  appeal 
to  developers’  desire  for  low-risk  ex- 
perimentalism,  but  their  cold-eyed 
commercialism  is  still  aimed  at  aiding 
their  products’  ultimate  releases. 

IBM  is  one  of  the  more  obvious  ex¬ 
amples  of  vendors  throwing  their  com¬ 
mercial  products  at  developers  and  ex¬ 
acting  no  monetary  cost.  But  there’s 
still  a  price  to  pay. 

IBM’s  Alpha  Works 
( www.alphaworks . 
ibm.com )  blends  a 
corporate  developer’s 
parsimoniousness 
with  a  vendor’s  need 
for  financial  reward. 

For  example,  at  Alpha- 
Works,  registered 
users  can  access  tech¬ 
nology  free  for  90 
days  prior  to  its  com¬ 
mercial  release.  This 
gives  developers  a  chance  to  evaluate 
new  tools,  provide  feedback  and  ex¬ 
plore  emerging  standards. 

A  new  Web  services  developer  lan¬ 
guage  for  J2EE  applications,  WSDL 
Explorer,  is  currently  available  at 
AlphaWorks  from  IBM’s  emerging 
technology  group.  It’s  designed  to 
help  developers  save  time  when  com¬ 
paring  and  contrasting  Web  services, 
since  they  don’t  have  to  import  the 
information  into  another  development 
tool.  With  this  freebie,  it’s  possible 
for  programmers  to  work  in  a  new 
WSDL  environment  without  laying 
out  any  cash. 

If  the  developer  feedback  to  IBM 
is  positive  and  the  tool  proves  useful, 
it  may  be  incorporated  into  a  new  or 
existing  commercial  release  that  ben¬ 
efits  all  budding  Web  services  pro¬ 
grammers.  Of  course,  IBM  reaps  the 
advantage  of  having  its  products  battle- 


tested,  critiqued  and  improved  by  a 
small  army  of  unpaid  professionals. 
It’s  like  the  open-source  community, 
except  IBM  ultimately  cashes  checks 
for  the  software.  IBM’s  WebSphere 
application  server  already  contains 
12  technologies  from  the  developer- 
proven  Alpha  Works  site,  including  a 
WebSphere  servlet  engine  and  an 
XML  parser  for  Java. 

It’s  clear  to  me  that  IBM  is  profit¬ 
ing  from  quality-assurance  work  done 
for  free  by  others.  But  that  hasn’t  dis¬ 
suaded  Alpha  Works  users,  who  tend 
to  work  at  small  to  midsize  businesses 
that  don’t  have  extra  money  to  toss 
around  —  and  probably  don’t  have 
developers  on  call  —  from  using  the 
prerelease  software. 

Larger  IT  operations  might  want  to 
get  involved  as  well.  Using  these  al- 
most-free  resources  from  vendors  can 
save  you  money,  but  more  important, 
your  IT  needs  are  more  likely  to  be 
specifically  addressed  in  upcoming 
product  releases. 

Getting  something  on  the  cheap  is 
always  nice,  but  getting  something 
that’s  done  right  is  far  better,  t 

MICHAEL  GARTENBERG 

Turn  Users 
Into  Fans 

OK,  THE  ECONOMY  is 
down.  Budgets  have 
been  slashed,  and  we 
are  all  being  asked  to  do  more 
with  less. 

The  good  news  is  that  IT  is  no 
longer  something  that  can  assist  busi¬ 
ness;  it’s  now  something  that  in  many 
cases  defines  business  and  isn’t  easily 
displaced. 

The  bad  news  is  that  despite  this 
criticality,  in  many  cases  IT  feels  the 
pain  of  cutbacks  first. 

So,  how  do  you  survive  the  down¬ 
turn  until  the  real  recovery  comes? 
Well,  the  first  thing  to  remember  is 
that  IT  is  first  and  foremost  a  service 
industry  with  a  net  sum  gain  of  zero.  If 
you’re  working  at  100%  efficiency,  no 
one  knows  you  exist,  because  every¬ 
thing  is  running  quite  smoothly.  If  you 
do  get  noticed,  it’s  often  by  everyone 
in  the  company,  and  it’s  usually  not  to 
praise  your  efforts.  It’s  typically  be¬ 
cause  no  one  is  able  to  get  their  e-mail 
or  log  onto  a  file  server. 

The  goal  of  every  IT  manager  ulti¬ 
mately  is  to  stay  off  the  obituary  page 
and  once  in  a  while  get  in  the  head¬ 


lines  for  a  big,  successful 
project  rollout.  So  here  are 
some  ideas  on  how  to  keep 
yourself  off  the  back  page 
and  every  so  often  get  your¬ 
self  on  the  cover  —  in  a 
good  way: 

First,  never  forget  your 
customer.  That’s  right,  those 
annoying,  clueless  users  are 
your  customers.  Your  goal  is 
to  transition  them  from 
cranky  customers  to  ador¬ 
ing  fans.  And  the  only  way 
to  turn  them  into  fans  is  to 
understand  their  requests 
and  needs.  Doing  that  is  ac¬ 
tually  pretty  easy,  if  you  remember  that 
each  request  —  no  matter  what  it  is  or 
who  it’s  from  —  revolves  around  only 
one  of  two  possible  questions  on  their 
minds:  “How  do  I  keep  my  job?”  or 
“How  do  I  get  promoted?” 

This  is  where  you  come  in.  Provid¬ 


ing  the  best  possible  level 
of  support  is  the  first  step 
to  getting  the  attention  and 
focus  well-run  IT  organiza¬ 
tions  deserve. 

Second,  learn  to  be 
proactive,  not  reactive. 
Many  of  the  problems  as¬ 
sociated  with  the  IT  uni¬ 
verse  are  related  to  the 
fact  that  most  IT  depart¬ 
ments  know  how  to  react 
but  are  often  never  ahead 
of  the  curve. 

Do  you  have  lots  of 
users  who  travel?  Find 
ways  to  lighten  their  loads 
with  thin  and  light  notebooks.  Do  you 
have  e-mail-addicted  execs?  Get  them 
connected  wirelessly.  Are  you  already 
doing  that?  Add  wireless  calendar 
synchronization.  Find  ways  to  help 
your  users  do  their  jobs  a  little  faster, 
a  little  easier  and  a  little  more  accu¬ 


rately.  Make  them  look  good  to  the 
people  they  work  for,  and  you  will 
have  fans  for  life. 

Third,  show  them  the  money.  There 
are  two  areas  where  you  can  win  here: 
ROI  and  TCO.  Figure  out  what  the 
costs  associated  with  a  project  really 
are,  and  then  use  those  numbers  to 
either  show  how  you  will  save  costs  as 
a  result  of  implementation  or  how  you 
will  help  the  company  make  money.  If 
you  can’t  show  how  you’re  saving  or 
making  money,  then  perhaps  it’s  time 
to  rethink  the  project. 

Finally,  remember  that  your  users 
are  facing  the  same  issues  you  are. 
Help  them  in  their  time  of  need,  and 
they  will  stand  by  you  in  times  of  fis¬ 
cal  cutbacks.  I 


WANT  OUR  OPINION? 

OMore  columnists  and  links  to  archives  of  previous 
columns  are  on  our  Web  site: 

www.computerworld.com/columns 
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Phones  for  Victims 

PROFESSIONALS  are  often 
charged  with  the  task  of  dis¬ 
posing  of  old  wireless  equipment. 
Verizon  Wireless'  HopeLine  pro¬ 
gram  collects  used  wireless  phones 
and  equipment  and  refurbishes,  re¬ 
cycles  and/or  sells  them  to  benefit 
victims  of  domestic  violence.  Pro¬ 
ceeds  from  HopeLine  are  used  to 
place  phones  in  the  hands  of  vic¬ 
tims,  creating  a  lifeline  in  emergen¬ 
cies.  Since  1995,  HopeLine  has 
collected  more  than  500,000 
phones.  But  with  more  than  134 
million  people  in  the  U.S.  using 
wireless  phones,  we  should  be  able 
to  collect  that  number  in  one  year. 

With  this  program,  old  equip¬ 
ment  can  potentially  assist  victims, 
at  little  cost  and  effort.  Additionally, 
participating  in  this  program  sends 
the  message  that  your  company 
supports  two  important  issues:  do¬ 
mestic  violence  awareness  and 
prevention,  and  recycling. 

Now  it’s  time  for  IT  professionals 
to  make  a  commitment  to  get  in¬ 
volved  in  HopeLine:  Alert  the  office 
manager:  send  a  companywide 
e-mail;  put  a  collection  box  in  the 
cafeteria  or  break  room.  Collect  last 
year's  phones  and  send  them  di¬ 
rectly  to  HopeLine,  or  encourage 
employees  to  bring  their  old  phones 
into  any  Verizon  Wireless  Commu¬ 
nications  Store.  As  employees  con¬ 
sider  swapping  out  their  old  equip¬ 


ment,  encouraging  them  to  partici¬ 
pate  in  HopeLine  may  save  a  life. 

For  more  information,  visit  www. 
verizonwireless.  com/hopeline. 

Denny  Strigl 

President  and  CEO,  Verizon 
Wireless,  Bedminster,  N.J. 


The  Need  for  Cobol 

IT’S  FUNNY  that  Frank  Hayes  says 
in  “Paradigm  Lost?”  [QuickLink 
32810]  that  “Cobol  lost  its  place  to 
SAP  and  PeopleSoft,"  especially 
when  one  considers  that  the  major¬ 
ity  of  the  batch  processing  in  Peo¬ 
pleSoft  is  written  in  Cobol.  People- 
Soft  claims  that  it’s  going  to  work 
toward  removing  the  Cobol  code  in 
future  releases,  but  for  now,  if  you 
want  to  install  the  latest  release  of 
PeopleSoft,  you  must  first  purchase 
a  $12,000  Cobol  compiler. 

Edward  Hiney 

Consultant,  Naugatuck,  Conn., 
e_hiney@yahoo.com 

Making  Sense  of 
Telecom’s  Troubles 

Most  of  what  was  said  in 

the  article  “FCC  Investigates 
Ways  to  Help  Telecom  Sector” 
[QuickLink  33528]  about  what 
contributed  to  the  downfall  of  the 
telecommunications  industry  is 
true,  but  the  FCC  itself  was  the 
biggest  problem.  After  Congress 


passed  the  Telecommunications 
Act  of  1996,  the  FCC  didn’t  enforce 
it.  The  incumbents  litigated  the  en¬ 
trants  to  death.  The  incumbents 
were  able  to  sell  long-distance  ser¬ 
vice  but  didn’t  open  their  markets 
to  competition  and  didn't  start  to 
compete  among  themselves  in 
their  various  markets.  The  FCC  let 
them  buy  each  other  up  and  merge. 
This  is  an  economic  war  that  the 
new  guys  didn’t  expect  to  have  to 
fight  while  they  were  trying  to  build 
infrastructure. 

Andrew  Weitzberg 

Sales,  Metcom  Inc.,  Plainview, 

N.Y.,  aw@metcom.com 

THAT  WAS  an  interesting  article 
on  the  FCC.  Being  a  supplier  to 
the  telecom  market,  let  me  share 
my  twist  on  this.  I  believe  what’s  at 
play  is  good-old  market  capitalism. 

I  believe  the  seeds  of  the  telecom 
debacle  were  sown  at  the  inception 
of  telecom  deregulation,  although  it 
probably  was  very  difficult  for  all  but 
a  few  to  see  that  back  then.  In  addi¬ 
tion  to  all  the  good  things  deregula¬ 
tion  could  bring  about,  it  opened 
the  door  for  unintended  conse¬ 
quences,  such  as  a  gold  rush  men¬ 
tality.  Everyone  staked  a  claim,  and 
when  the  mines  played  out,  they 
folded  their  tents.  That’s  market 
capitalism  at  work.  But  there  are 
some  aspects  of  a  nation's  infra¬ 
structure  that  should  be  somewhat 
insulated  from  the  rises  and  falls  of  I 


the  free  market,  if  for  no  other  rea¬ 
son  than  to  maintain  strength.  I 
think  it's  possible  to  have  some 
degree  of  regulation  alongside  the 
free  market. 

Les  Harrison 

Director,  quality  and  educa¬ 
tion;  Newton  Instrument  Co.; 
Butner,  N.C.;  mugdock@ 
earthlink.net 


Yale  professor  Barry  Nale- 
buff  said  “there  simply  aren’t 
any  good  killer  applications”  that 
would  sell  broadband.  Maybe  it’s 
not  a  killer  app,  but  I  bought  DSL 
for  the  speed  and  the  ability  to  con¬ 
duct  voice  calls  over  a  single  line. 
The  only  problem  I  see  is  that  DSL’s 
price  point  of  $50  is  too  high;  it 
should  be  $30.  Now  that  would  be 
a  killer. 

Paul  Bond 
Erie,  Pa. 

C0MPUTERW0RLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to  Jamie 
Eckle,  letters  editor,  Computerworld, 
P0  Box  9171, 500  Old  Connecticut 
Path,  Framingham,  Mass.  01701. 

Fax:  (508)  879-4843. 

E-mail:  letters@computerworld.com. 
Include  an  address  and  phone  num¬ 
ber  for  immediate  verifies  lion. 

OMore  letters  on  these  and  other 
topics  are  on  our  Web  site: 

computerworld.com/Ietters 
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Anything  can  happen  to  your  infrastructure. 
Make  sure  it  scales.  In  today’s  unpredictable  business 

world,  where - can  happen  at  any  moment,  you 

need  the  ability  to  increase  or  decrease  computing  capacity 
quickly  and  efficiently.  Here’s  how  the  Microsoft*  platform 
can  help  you  get  there: 


World-record  performance:  The  Windows'  Server  family  holds 
world  performance  records  in  the  TPC-C  {transactions  per 
minute)  and  TPC-W  (Web  interactions  processed  per  second) 
benchmarks.  In  TPC-C  price-performance  benchmarks  of 
clustered  solutions,  systems  running  software  from  Microsoft 
hold  the  top  four  results.  In  tests  of  non-clustered  systems 
on  TPC-C,  Microsoft  solutions  hold  the  top  ten  spots  in 
price-performance* 


Scale  up,  scale  out,  or  both:  Whether  you’re  looking  to 
consolidate  your  workload  onto  fewer  servers  “scaling  up,”  or 
distribute  the  workload  among  many  servers  “scaling  out;’ 
the  Microsoft  platform  is  ready.  In  a  scale-up  environment, 
the  platform  can  support  up  to  32  processors  and  32  GB 
of  memory,  while  in  a  scale-out  environment,  the  platform 
supports  up  to  32  servers  via  network  load  balancing. 


For  a  Server  Consolidation  Kit,  webcasts,  and  other  information 
that  can  help  you  get  your  infrastructure  scalable  enough 

for _ \  visit  microsoft.com/enterprise/scalabllity 

Software  for  the  Agile  Business. 


JetBlue  is  using  the  Microsoft  Server  Platform  to  enable  hardware 
consolidation,  achieve  better  price-performance,  decrease  IT 
support  costs,  and  reduce  application  development  time.  The 
scalability  of  our  Microsoft-based  infrastructure  gives  us  the 
confidence  that  we  are  ready  to  handle  today  's  usage  spikes 
as  well  as  future  growth.*'  . 

-Jeff  Cohen,  Vice  President  &  CIO,  JetBlue  Airways 


Microsoft 


RELIABLE 

ALTERNATIVE  TO 
OBJECT-DISORIENTED 

DATABASES. 


For  your  next  generation  of  applications, 
move  to  the  next  generation  of  database 
technology.  Cache  is  the  post-relational 
database  that  combines  high-performance 
SQL  for  faster  queries  and  an  advanced 
object  database  for  rapidly  storing  and 
accessing  objects. 

With  Cache’s  multidimensional  engine, 
your  future  applications  will  be  massively 
scalable  and  lightning  fast  -  and  they  won’t 
require  frequent  database  administration  or 
hardware  and  middleware  upgrades.  You’ll  get 
higher  performance,  at  lower  cost. 

Plus,  Cache  comes  with  a  powerful  Web 
application  development  environment  that  will 
dramatically  cut  the  time  required  to  build 
and  modify  your  applications. 

The  reliability  of  Cache  has  been  proven 
in  “life-or-death”  applications  at  the  world’s 
largest  hospitals.  With  high  reliability,  high 
performance  and  low  cost-of-ownership, 
you’ll  be  happier  with  Cache. 


With  its  unique  fusion  of  advanced 
objects  and  robust  SQL, 

Oracle  developers  will  be  happier  with  Cache, 


We  are  InterSystems  -  a  specialist  in  data 
management  for  24  years,  providing  24x7 
support  to  4  million  users  in  88  countries. 

Cache  is  available  for  Windows,  OpenVMS, 
Linux  and  major  Unix  systems. 


InterSystems  /■ 

£  CACHE 

Make  Applications  Faster 

*So  Reliable,  It’s  The  World’s 
Leading  Database  In  Healthcare 

Download  a  fully-functional  version  of  Cache  or  request  it  on  CD  for  free  at  www.lnterSystems.com/reliaMe 

'r-  2002  InlcrSyslcms  Corporation.  All  rights  reserved.  InterSystems  Cache  Is  a  registered  trademark  of  InterSystems  Corporation.  Other  product  names  arc  trademarks  ol  their  respective  vendors.  Rel3  AIM 
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FIELD  REPORT: 

Unified  Messaging 

Centralized  access  to  faxes, 
voice  mail  and  e-mail  creates 
efficiencies,  but  unified 
messaging  systems  also 
require  substantial  infra¬ 
structure  changes.  Page  32 


SECURITY  JOURNAL: 

Experts  Stumble  on  PKI  Project 

Vince  Tuesday’s  attempt  to  rework  his 
company’s  public-key  infrastructure 
project  demonstrates  that  even  high- 
priced  hired  guns  should  be  carefully 
evaluated.  Page  38 


QUICKSTUDY: 
SCc 


cale-Free  Networks 

These  networks  are  different  from 
random  networks  in  that  some  of 
their  nodes  are  very  connected 
hubs,  which  changes  the  way  the 
network  operates,  decays  and 
responds  when  attacked.  Page  36 


Manufacturers  are  finding  that  increased  visibility  across  their 
operations  through  data  integration  cuts  costs.  By  Jaikumar  Vijayan 


VIEW  TO 


SAVINGS 


HEN  RPM  INTERNATIONAL  INC.  Was 
looking  for  a  way  to  streamline  its 
purchasing  processes,  the  multibil- 
lion-dollar  manufacturer  of  speciality 
chemical  products  decided  that  the  best  approach 
would  be  to  consolidate  requirements  from  across 
all  of  its  operations. 

RPM,  which  owns  brands  such  as  Rust-Oleum, 
DAP  and  Zinsser,  buys  complex  raw  materials  that  go 
into  the  formulation  of  recipe-based  coating,  sealant 
and  paint  products.  By  collapsing  requirements  from 
across  all  of  its  brands,  RPM  reduced  its  list  of  stan¬ 
dard  ingredients,  consolidated  suppliers  and  created 
a  new  workflow  for  the  purchasing  process. 

“We  purchase  $900  million  a  year  in  raw  materi¬ 
als,”  says  Paul  Hoogenboom,  CIO  at  Medina,  Ohio- 
based  RPM.  “The  ROI  from  having  a  consolidated 
view  of  this  process  is  pretty  darn  obvious.” 

An  increasing  number  of  manufacturing  compa¬ 


nies  are  looking  to  improve  efficiencies 
and  trim  costs  by  building  more  visibil¬ 
ity  into  various  levels  of  their  opera¬ 
tions,  says  Andy  Chatha,  president  of 
ARC  Advisory  Group  Inc.,  a  Dedham, 
Mass.-based  manufacturing  consultancy. 

“The  change  in  the  economy  and  the  decline  in 
demand  has  highlighted  the  overweight  cost  struc¬ 
tures  a  lot  of  companies  have,”  says  Lou  Unkeless, 
a  vice  president  at  Datasweep  Inc.  in  San  Jose. 

As  a  result,  companies  are  trying  to  “gather,  aggre¬ 
gate,  retain  and  analyze”  data  trapped  at  various  lev¬ 
els  of  the  organization,  Unkeless  says. 

It  helps  them  get  a  better  understanding  of  “all  the 
incoming  logistics  and  outgoing  logistics,  right  up  to 
the  customer’s  door,”  Chatha  adds. 

In  RPM’s  case,  to  consolidate  demand,  the  com¬ 
pany  had  to  first  find  a  way  to  look  at  the  chemical 
properties,  specifications  and  test  attributes  of  the 
various  raw  materials  required  by  its  business  units 
to  find  out  if  multiple  units  used  the  same  products. 

RPM  implemented  a  specialized  content  manage¬ 
ment  suite  called  Optiva  from  Formation  Systems  Inc. 
in  Southboro,  Mass.,  to  create  a  product  information 
backbone  for  capturing  and  sharing  product  knowl¬ 
edge,  formulation  attributes  and  purchasing  histories. 

Optiva  is  specialized  for  makers  of  recipe-based 
goods  such  as  paints  or  processed  food  and  has 
allowed  RPM  to  have  a  much  better  visibility  of  its 
product  requirements,  Hoogenboom  says. 

“It’s  the  mother  of  all  consolidated  systems,  so  it 
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can  provide  a  single  cross-referenced  look  at  every¬ 
thing  we  buy,”  Hoogenboom  says. 

Other  companies  are  also  implementing  data  inte¬ 
gration  applications  in  order  to  achieve  similar  goals. 

For  instance,  greater  visibility  across  manufactur¬ 
ing  operations  can  result  in  better  quality  and  busi¬ 
ness  processes,  says  Chuck  Word,  corporate  quality 
control  manager  at  Flash  Electronics  Inc.,  a  Fremont, 
Calif. -based  contract  manufacturer  of  electronic  com¬ 
ponents.  Since  June,  the  company  has  been  pulling 
real-time  quality  information  off  the  plant  floor  using 
Web-based  monitoring  and  tracking  software  from 
Datasweep.  Previously,  “we  had  no  reliable  way  to 
report  quality  data  to  customers,”  Word  says. 

Datasweep’s  Advantage  software  allows  Flash  to 
collect,  integrate  and  analyze  production  data  at 
every  critical  step,  says  Word.  The  software  has  also 
let  the  company  implement  what  it  calls  a  line-stop 
process  to  ensure  that  every  manufactured  compo¬ 
nent  passes  every  quality  step  before  it’s  shipped 
to  customers. 

Access  to  Detailed  Information 

Such  data  integration  between  the  plant  floor  and 
the  quality  control  and  shipping  departments  has 
allowed  Flash  to  give  its  customers  detailed  online 
access  to  quality  reports,  product  genealogy  and 
tracking  information,  Word  says.  It  has  also  helped 
the  company  pinpoint  and  fix  quality  problems 
more  quickly. 

“The  ROI  has  been  very  high,”  Word  says. 

Going  forward,  the  company  plans  to  “back-flush” 
the  data  it’s  gathering  from  the  plant  floor  into  its 
main  enterprise  resource  planning  (ERP)  system,  he 
says.  That  would  give  the  company’s  purchasers  and 
suppliers  real-time  information  related  to  its  raw 
materials  needs. 

Henkel  Consumer  Adhesives  Inc.  in  Avon,  Ohio, 
is  able  to  better  manage  its  customer  relationships 
thanks  to  greater  visibility  of  its  point-of-sale  data 
and  of  internal  processes  such  as  accounts  receiv¬ 
able,  shipment  delivery  dates  and  warehouse  staff 
productivity  levels. 


MANUFACTURERS 
LOOK  INWARD 

In  a  tough  economy,  manufacturing  compa¬ 
nies  are  increasingly  looking  inside  their  oper¬ 
ations  for  opportunities  to  cut  costs  instead  of 
focusing  on  building  better  links  with  suppliers  and 
external  partners,  as  they  once  did,  analysts  say. 

“Right  now,  most  manufacturing  companies 
have  a  big  focus  on  lowering  costs,”  says  Andy 
Chatha,  president  of  ARC  Advisory  Group.  This 
has  resulted  in  a  greater  scrutiny  of  internal  inef¬ 
ficiencies  and  a  focus  on  building  “operational 
excellence,”  Chatha  says. 

Manufacturing  companies  have  been  very  good 
at  optimizing  individual  pieces  of  their  organiza¬ 
tions,  such  as  plant  floor  operations  or  inventory 
management,  but  they’ve  been  relatively  slow  to 
integrate  them,  Chatha  says.  Consequently,  the 
goal  is  to  foster  a  more  “collaborative  culture” 
across  an  organization,  he  says. 

Expect  to  see  projects  that  are  directed  at  build¬ 
ing  a  more  real-time  and  cross-functional  view  of 
internal  operations,  says  Lou  Unkeless,  a  vice 
president  at  Datasweep.  “There’s  been  somewhat 
of  a  retrenching  in  that  companies  are  starting  to 
look  more  at  their  operations  first  and  only  then 
looking  at  collaboration  and  information  sharing” 
with  external  entities,  he  says. 

-  Jaikumar  Vijayan 


Henkel  makes  Duck  brand  adhesive  products  and 
distributes  them  to  retailers  like  Wal-Mart,  Target 
and  Staples.  In  an  effort  to  provide  more  value  to 
its  customers,  the  company  decided  to  give  retail¬ 
ers  detailed  analysis  of  their  sales  of  Duck  products, 
including  projected  demand  patterns,  says  Matthew 
Rhoades,  team  leader  of  Henkel’s  advanced  technol¬ 
ogy  development  effort. 

Last  March,  Henkel  implemented  a  data  integra¬ 
tion  software  tool  called  DataStage  from  Ascential 


HOW  RPM  INTERNATIONAL  USES  OPTIVA  STRATEGIC  SOURCING 

Formation  Systems’  Optiva  Strategic  Sourcing  application  gives  RPM  a  single  view  of  raw  materials  used  across  the  extended  orga¬ 
nization.  The  information  allows  purchasing  groups  to  capture  companywide  requirements,  compare  vendor  data  against  quality 
specifications,  identify  low-cost  substitutions  and  control  the  proliferation  of  new  materials. 
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Software  Corp.  in  Westboro,  Mass.  Ascential’s  tool 
extracts,  cleanses  and  analyzes  point-of-sale,  in¬ 
ventory,  shipment  and  marketing  data  daily  from 
Henkel’s  main  ERP  systems.  The  data  is  then  used 
to  generate  detailed  analysis  for  customers.  It’s 
also  used  to  populate  several  data  warehouses  that 
Henkel’s  finance,  marketing,  sales  and  operations 
management  teams  utilize  to  perform  at  least  50  dif¬ 
ferent  types  of  analysis. 

“We  have  an  almost  360-degree  view  of  sales, 
inventory,  manufacturing,  shipment  and  consump¬ 
tion  information,”  Rhoades  says.  “It  has  completely 
changed  the  way  we  do  manufacturing.”  Instead  of 
manufacturing  to  meet  forecast  levels,  the  company 
now  manufactures  to  meet  actual  demand. 

Improving  Collaboration 

In  much  the  same  way,  a  cross-functional  view  of 
design  and  engineering  processes  is  helping  Fort 
Worth,  Texas-based  Lockheed  Martin  Aeronautics 
Co.  in  a  massive  collaborative  manufacturing  effort 
involving  three  major  manufacturing  partners  and 
more  than  80  major  suppliers  in  three  countries. 

Lockheed  is  using  Catia  Metaphase  Interface 
(CMI)  software  from  Lisle,  Ill.-based  T-Systems  Inc. 
in  the  design  and  engineering  of  the  Joint  Strike 
Fighter  (JSF)  aircraft,  which  it’s  developing  for  the 
U.S.  armed  forces.  CMI  allows  Lockheed  to  visually 
represent  alphanumeric  product  data  in  a  3-D  graphi¬ 
cal  format.  With  CMI,  Lockheed  can  take  assembly 
and  subassembly  design  information  related  to  the 
25,000  parts  contained  in  the  JSF  and  render  it  in  3-D 
form  using  Catia  computer-aided  design  software 
from  Dassault  Systemes  SA  in  Suresnes,  France. 

“Effective  communication  is  one  of  the  biggest 
challenges  in  a  project  of  this  scope,”  says  Larry  Mes- 
tad,  a  senior  manager  of  the  JSF  integration  team. 

With  CIM,  “we  are  able  to  provide  product  infor¬ 
mation  both  visually  and  textually  to  all  of  our  part¬ 
ners  and  supply  base,”  he  says. 

It’s  not  always  necessary  to  rip  out  existing  sys¬ 
tems  to  build  better  visibility,  says  Bill  Fisher,  CIO 
at  snowmobile  maker  Polaris  Industries  Inc.  in  Min¬ 
neapolis.  Faced  with  the  challenge  of  integrating 
multiple  data  sources  about  three  years  ago,  Fisher 
decided  that  the  best  course  of  action  was  to  build 
on  the  investment  Polaris  had  already  made  in  ERP 
software  from  Mapics  Inc.  in  Alpharetta,  Ga. 

Instead  of  spending  about  $20  million  on  a  new 
ERP  installation  —  which  was  what  a  team  of  consul¬ 
tants  recommended  —  Fisher  and  his  team  decided  to 
use  Microsoft  Corp.  extranet  and  intranet  technology 
to  connect  various  Mapics  modules,  such  as  procure¬ 
ment,  inventory  management  and  resource  planning. 

During  the  past  two  years,  the  “integration  over 
time”  approach  has  resulted  in  a  connected  enter¬ 
prise  where  information  flows  far  more  efficiently 
than  before,  Fisher  says.  Polaris’  new  extranet  for  its 
2,000  dealers  has  eliminated  costs  related  to  the  use 
of  electronic  data  interchange  technology,  cut  out 
paperwork  associated  with  purchase  orders  and  war¬ 
ranty  claims,  and  made  it  far  easier  for  the  company 
and  its  dealers  to  schedule,  track  and  manage  orders. 

“For  a  lot  of  people,  the  easy  answer  is  to  throw 
away  everything  they  have  in  place”  to  get  new  func¬ 
tionality,  Fisher  says.  “Its  just  not  obvious  to  me  that 
it  is  always  the  best  approach.”  I 
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Unified  Messaging 
Boosts  Productivity 


Unified 

Messaging 

A  few  years  ago,  it  was  widely  pre¬ 
dicted  that  unified  messaging  (UM) 
systems  would  revolutionize  the 
way  people  worked  by  aggregating 
corporate  e-mail,  voice  mail  and  fax 
traffic.  That  revolution  never  hap- 
pened.  The  prob- 
rltLU  W  lem:  UM’s  upfront 
RFPURT  costs  ar,d  incre- 

* —  -  -  mental  productivity 

benefits  made  the  business  case 
difficult  to  justify. 

Since  then,  UM  has  made  in¬ 
roads  as  a  way  to  support  mobile 
workers.  But  as  IT  replaces  outdat¬ 
ed  voice-mail  systems,  many  com¬ 
panies  are  taking  a  second  look  at 
adding  UM  capabilities  for  internal 
workers  as  well. 

By  Drew  Robb 


Definition:  Unified 
Messaging  vs.  Unified 
Communications 

Unified  messaging  (UM)  enables  access  to 
faxes,  voice  mail  and  e-mail  from  a  single 
mailbox  that  users  can  reach  either  by  tele¬ 
phone  or  a  computer  equipped  with  speakers. 

Computer  users  can  select  and  play  voice- 
mail  recordings  that  appear  in  their  in-boxes. 
Telephone  users  can  both  retrieve  voice  mail 
and  hear  text-to-voice  translations  of  e-mail 
messages.  Messages  of  any  type  can  be 
saved,  answered,  filed,  sorted  and  forwarded. 

While  UM  is  restricted  to  recorded  mes¬ 
sages,  unified  communications  technology 
extends  UM  by  adding  real-time  access  to 
contact  lists,  as  well  as  automatic  dialing  and 
teleconferencing  services.  As  the  market 
evolves,  UM  products  are  gradually  including 
these  capabilities. 


Convenience,  not 
necessity,  may  well 
be  the  true  mother 
of  invention.  Witness 
the  ubiquitous  micro- 
wave  or  TV  remote.  Likewise,  though 
it’s  been  hard  to  demonstrate  a  clear- 
cut  need  for  unified  messaging  (UM), 
it  sure  is  convenient. 

Why  check  the  computer  for  e-mail, 
dial  the  phone  for  voice  mail  and  stroll 
over  to  the  fax  machine  when  you  can 
get  all  three  in  your  e-mail  in-box  or 
by  making  a  single  phone  call?  And 
newer  unified  communications  prod¬ 
ucts  include  greater  integration  and 
advanced  features. 

But  those  benefits  come  only  after 
IT  has  jumped  over  installation  and 
training  hurdles.  Installing  UM  usually 
requires  replacing  existing  communi¬ 
cations  hardware  and  software,  or 
adding  middleware.  Then  there’s  train¬ 
ing  employees.  Given  a  price  of  about 
$200  per  seat,  including  deployment, 
training  and  management  costs,  UM 
can  be  a  tough  sell  in  a  tight  economy. 

Nevertheless,  UM  can  make  sense 
for  certain  employees.  “UM  is  good 
for  a  mobile  workforce  and  geograph¬ 
ically  dispersed  workgroups,”  says 
Blair  Pleasant,  an  analyst  at  The 
Pelorus  Group  in  Raritan,  N.J. 

A  case  in  point:  State  Compensation 
Insurance  Fund  in  San  Francisco  is  us¬ 
ing  Basking  Ridge,  N.J.-based  Avaya 
Inc.’s  Unified  Communication  Center 
so  mobile  employees  can  access  the 
network  faster.  But  while  State  Fund  is 
deploying  UM  at  all  its  offices,  the 
company  limits  access  to  mobile  em¬ 
ployees  because  it’s  neither  necessary 
nor  cost-effective  to  provide  the  tech¬ 
nology  to  the  entire  staff,  according  to 
Bryan  Townsend,  the  company’s 
telecommunications  manager. 

William  L.  Lyon  &  Associates  Inc. 
is  taking  a  different  approach.  The 
Sacramento,  Calif.-based  real  estate 
firm  is  rolling  out  UM  only  to  new 
offices  or  to  those  upgrading  their 


private  branch  exchange  systems. 

“Our  goal  initially  was  to  find  an  alter¬ 
native  to  our  Avaya  Octel  voice-mail 
system,  with  its  proprietary  hard¬ 
ware,”  says  Lynn  Ryan,  IT  director. 

While  the  new  CallXpress  software 
from  Captaris  Inc.  in  Kirkland,  Wash., 
is  easier  to  manage,  she  says  it  won’t  be 
deployed  companywide  anytime  soon. 
“We  have  12  Octel  units  in  offices,  and 
it  would  be  prohibitive  to  swap  out  all 
the  equipment,”  she  says.  As  the  Octel 
systems  reach  end  of  life,  she  plans  to 
replace  them  with  CallXpress. 

Easier  Integration 

Most  UM  software  is  designed  to  work 
with  e-mail  systems  like  Microsoft 
Corp.’s  Exchange,  IBM’s  Lotus  Notes 
or  Novell  Inc.’s  GroupWise.  Some 
come  with  voice-mail  and  fax  features, 
while  others  act  as  middleware  to 
unite  data  from  third-party  products. 

These  days,  integration  isn’t  as  chal¬ 
lenging  as  it  was  a  few  years  back. 
Glenn  Harley,  telecommunications 
systems  department  lead  at  Eglin  Air 
Force  Base  in  Fort  Walton  Beach,  Fla., 
says  he  installed  and  tested  the  latest 
version  of  Seattle-based  Active  Voice 


LLC’s  Repartee  in  about  two  hours. 

But  installing  UM  is  only  half  the 
battle.  It  takes  work  to  get  people  to 
abandon  their  old  communication 
habits.  Townsend  says  that  few  em¬ 
ployees  use  the  desktop  fax  feature. 

Ryan  encountered  similar  prob¬ 
lems.  “You  would  think  UM  would  be 
perfect  for  real  estate  agents,”  she 
says.  But  “it  takes  a  lot  of  training  and 
promotion  to  get  them  to  use  all  the 
features,”  she  notes. 

Once  employees  begin  using  UM, 
however,  it  quickly  becomes  a  must- 
have  technology.  “Having  e-mail/ 
voice  mail  on  the  PC  is  an  incredible 
timesaver  that  makes  running  an  of¬ 
fice  more  efficient,”  says  Robert  Ka¬ 
plan,  senior  project  manager  at  the 
U.S.  Air  Force  Research  Laboratory  in 
Rome,  N.Y.  Kaplan  deployed  CallPilot 
from  Brampton,  Ontario-based  Nortel 
Networks  Ltd.  “[The  users]  didn’t 
want  to  change  at  first,”  he  says. 

But  training  helped  turn  the  tide. 
“You  can’t  take  it  away  from  them 
now,”  Kaplan  says.  I 


Robb  is  a  freelance  writer  in 
Tujunga,  Calif. 


UM  Systems:  Finding  Common  Ground 

A  UM  server  accepts  voice  mail  from  telephone  systems  and  data  from  fax  and  e-mail  servers.  It  then  pro¬ 
vides  centralized  access  to  all  message  types  by  way  of  telephone  or  computer.  Users  can  play  voice  mail 
and  view  faxes  from  their  e-mail  in-boxes;  a  text-to-speech  engine  allows  dial-up  users  to  hear  e-mail  mes¬ 
sages  as  well  as  voice  mail. 
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Insurer  Takes  Middleware  Road 


FIELD 

NOTES 


State  Compensation 
Insurance  Fund,  a 
nonprofit  organiza¬ 
tion  that  provides 
workers’  compensa¬ 
tion  insurance  in  California,  adopted 
unified  messaging  (UM)  by  installing 
middleware,  rather  than  replacing  its 
voice  mail,  e-mail  and  fax  systems. 

Previously,  mobile  workers  used 
cell  phones  and  laptops  to  access  the 
network,  but  that  was  far  from  ideal. 

“Dial-up  network  access  is  not  al¬ 
ways  convenient,”  says  Bryan  Town¬ 
send,  telecommunications  manager 
at  the  fund’s  San  Francisco  headquar¬ 
ters.  “Everyone  hates  having  to  dial 
up  and  wait  10  minutes  to  boot  up 
and  log  in.” 

State  Fund  uses  Avaya  Inc.’s  Octel 
Aria  product  for  voice  mail  and  faxes 
and  Microsoft  Exchange  for  e-mail. 

To  link  the  systems  and  make  them 
accessible  remotely,  it  rolled  out 
Avaya’s  Unified  Communication  Cen¬ 
ter  (UCC).  Townsend  says  he  figured 
that  the  software,  still  in  beta,  would 
integrate  well  with  his  Avaya  private 
branch  exchanges,  voice-mail  equip- 

MOREONUNE 

Does  UM  Result  in  ROI?  Users  weigh  in: 

QuickLink  33613 

UM  Information:  Visit  our  site  for  a  list  of  resources: 

QuickLink  33614 
www.computerworld.com 


ment  and  call  center  applications. 

Townsend  says  that  after  the  initial 
planning,  it  took  two  days  to  load  the 
software  in  a  test  network.  As  part  of 
the  deployment,  Townsend  also  had 
to  create  special  Microsoft  Software 
Installer  packages  to  deploy  UCC  ap¬ 
plets  to  locked-down  desktops. 

After  about  two  months  of  testing, 
150  employees  began  using  UCC. 
Most  wanted  only  remote  voice-com¬ 
mand  access,  however,  which  limited 
the  amount  of  desktop  client  soft¬ 
ware  that  needed  to  be  installed. 

The  UCC  server  can  access  the  fea¬ 
tures  of  Exchange,  including  e-mail, 
calendaring  and  contact  lists.  Remote 
workers  can  call  in  and  control  those 
functions  through  a  set  of  voice  com¬ 
mands.  Avaya  provides  cheat  sheets 
with  the  most  common  instructions. 

“The  biggest  thing  they  like  is  hav¬ 
ing  all  contact  information  a  phone 
call  away,”  says  Townsend. 

Based  on  feedback  from  initial 
users,  State  Fund  is  rolling  out  UCC 
to  the  rest  of  the  company  —  an 
additional  1,000  people.  The  key  to 
achieving  a  successful  deployment, 
Townsend  says,  was  finding  out  what 
users  wanted  and  designing  the  sys¬ 
tem  to  meet  their  needs. 

“I  spent  time  talking  to  mobile  em¬ 
ployees,”  he  says.  “We  achieved  a 
consensus  on  what  they  wanted  and 
then  provided  it.”  I 
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Infrastructure 
Upgrade  Facilitates 
UM  Move 


William  L. 
Lyon& 
Associates 
Inc.,  Sacra¬ 
mento,  Calif. 


INTERVIEWEE: 
Lynn  Ryan, 

IT  director 


WHO  THEY  ARE: 

California's  fifth- 
largest  residential  real 
estate  firm,  with  more  than  500  sales 
employees  in  10  offices 

GOAL:  Find  a  less-expensive,  Windows- 
based  alternative  to  the  firm’s  proprietary 
Octel  voice-mail  system  from  Avaya  Inc., 
and  consider  unified  messaging  options 
as  part  of  the  process. 

STRATEGY:  Install  Captaris  Inc.'s  Call- 
Xpress  when  new  offices  open  or  when 
replacing  legacy  voice-mail  equipment 
in  existing  offices.  Use  Captaris’  Omni- 
Bridge  for  interoffice  communications 
with  legacy  Octel  systems. 

CHALLENGES:  Ensuring  that  the  sys¬ 
tem  had  familiar  features  so  the  switch¬ 
over  wouldn't  disrupt  production.  Ryan 
brought  in  Sacramento,  Calif.-based  inte¬ 


grator  ProLogic  Communications  Inc., 
which  configured  the  system  so  it  would 
work  the  way  users  preferred. 

ISSUES:  Early  on,  staffers  in  one  office 
weren’t  receiving  messages.  Ryan  traced 
the  problem  to  a  message  stuck  in  a 
queue  in  the  OmniBridge  server.  Deleting 
it  resolved  the  problem. 

A 128K  bit/sec.  data  circuit  between 
Microsoft  Exchange  and  CalIXpress 
servers  was  too  slow  when  users  called 
in  for  e-mail.  An  upgrade  to  a  faster  T1 
line  resolved  the  problem. 


PAYOFF:  CalIXpress’  upfront  cost  was 
lower  than  that  of  Octel,  and  it  offered 
simpler  administration.  However,  users 
have  been  slow  to  adopt  all  of  the  fea¬ 
tures  available  to  them,  so  the  technolo¬ 
gy’s  full  benefit  hasn’t  yet  been  realized. 


COMMENTS:  “We  felt  we  were  being 
held  hostage  because  of  proprietary 
hardware,"  Ryan  says.  “When  we  re¬ 
placed  a  PBX  with  a  different  brand,  it 
would  have  cost  us  $10,000  just  to  get  a 
new  interface  card  installed  for  Octel. 
With  a  Windows-based  voice-mail  sys¬ 
tem,  we  can  replace  components  with 
industry-standard  equipment." 


UM  Integration 
Brings  Efficiency, 
Security 


Eglin  Air 
Force  Base, 

Fort  Walton 
Beach,  Fla. 


INTERVIEWEE: 
Glenn  Harley,  tele¬ 
communications  sys¬ 
tems  department  lead 


WHO  THEY  ARE:  A  Department  of 
Defense  site  for  developing,  testing  and 
operating  airborne  weapons  systems 

GOAL:  Eliminate  the  manpower  required 
to  manually  answer  and  route  4,000  calls 
daily  and  the  time  required  to  take  mes¬ 
sages.  Avoid  having  sensitive  incoming 
fax  documents  sitting  on  a  shared  fax 
machine. 

STRATEGY:  Create  an  integrated  voice, 
e-mail  and  fax  system  using  Active  Voice 
LLC's  Repartee  7.60.  Build  a  single  direc¬ 
tory  containing  all  the  user  names  and  ex¬ 
tensions  across  three  sites. 


CHALLENGES:  Harley  was  initially  con¬ 
cerned  about  how  well  Repartee  would 
integrate  with  his  existing  NEC  Corp.  and 
Avaya  Inc.  telephone  equipment,  but  he 
says  he  didn’t  experience  any  problems. 
His  staff  installed  it  using  only  telephone 
support  from  Active  Voice. 

ISSUES:  Harley  started  with  a  beta  ver¬ 
sion,  which  restricted  users  to  entering 
only  the  first  three  letters  of  a  name  for 
telephone  number  searches  -  a  problem 
in  a  700-name  directory.  The  production 
version  allows  up  to  30  characters. 

PAYOFF:  The  unified  messaging  system 
has  cut  down  the  receptionist  load.  Users 
now  manage  faxes  and  voice  mail  from 
the  desktop  -  forwarding  messages  and 
saving  them  to  folders,  for  example  -  with 
the  same  ease  as  managing  e-mail.  Faxes 
now  go  directly  to  the  recipient’s  PC. 


COMMENTS:  Harley  has  one  caveat: 
“Make  sure  you  have  enough  voice-mail 
ports  on  the  system  to  handle  the  traffic." 
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HIPAA  implementation  deadlines 
are  approaching.  Rapidly. 

This  doesn't  necessarily  have  to 
be  a  cause  for  anxiety.  You  can 
accept  HIPAA  as  an  organizational 
challenge  to  meet  the  mandated 
deadlines,  or  you  can  view  it  as 
an  opportunity  to  improve  your 
systems  and  processes,  and  create 
a  competitive  advantage.  We  can 
help  you  do  both. 

HIPAA  Studio  is  a  software  suite  specifically 
designed  to  help  you  implement  a  robust, 
flexible  platform  for  enterprise  integration 
while  achieving  compliance  with  HIPAA 
transaction  standards. 

HIPAA  Studio  leverages  the  knowledge  and 
capabilities  we've  developed  from  nearly  20 
years  of  managing  information,  application 
and  process  integration. 

HIPAA  ACCELERATOR 
AND  EDI  SERVER 

Working  with  HIPAA  Studio,  you’ll  be  able  to 
transform  internal  data  into  HIPAA-compliant 
EDI  transactions  you  can  route  to  trading 
partners.  You'll  also  be  able  to  transform  HIPAA- 
compliant  data  received  from  trading  partners 
and  integrate  it  with  your  internal  systems.  To 
accomplish  this  task,  HIPAA  Studio  features 
our  very  aptly  named  HIPAA  Accelerator."" 

HIPAA  Accelerator  does  exactly  what  its  name 
suggests.  By  providing  you  with  a  complete 
set  of  HIPAA-compliant  XI 2  standards 
with  compliance  maps  for  each  and  every 
transaction. 

( - - \ 

The  Software 
Integration  Company 

We  can  help  you  integrate  all  the 
disparate  data  and  business  applications 
running  in  your  enterprise  and  extend 
them  to  any  location  in  the  world: 
platforms,  application  servers, 
components,  databases,  applications, 
processes,  integration  brokers,  even 
mobile/wireless  solutions.  By  choosing 
Sybase,  you  can  preserve  and  extend 
your  existing  infrastructure  investments, 
avoid  proprietary  traps,  and  improve 
efficiency  across  the  enterprise. 

_ - _ ) 


The  second  key  component  of  HIPAA  Studio 
is  EDI  Server,  featuring  all  the  tools  you  need 
to  seamlessly  transform  large  volumes  of 
data  and  share  it  with  your  trading  partners. 

In  addition  to  its  wide  support  of  standards 
and  any-to-any  mapping  capabilities,  EDI 
Server  also  enables  you  to  develop  powerful, 
integrated,  n-tier  Web  applications.  (This 


engine  for  business  process  management 
and  more  complex  integration  requirements. 

And  the  latest  addition  to  our  HIPAA  Studio 
is  the  HIPAA  Repository.™  HIPAA  Repository 
maintains  all  the  data  that  is  found  in  your 
HIPAA  transactions.  HIPAA  Repository  works 
with  all  HIPAA-related  solutions,  including, 
of  course,  our  own  HIPAA  Studio. 
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may  be  the  appropriate  time  to  remind  you 
that  Sybase  is  a  leader  in  Enterprise  Portal 
technology.) 

With  EDI  Server,  you  can  rapidly  develop 
e-Business  communities,  support  multiple 
message  formats  and  manage  even  greater 
transaction  volumes.  EDI  Server  boasts  the 
fastest  processing  speeds  in  the  industry 
and  seamless  integration  with  any  ODBC- 
compliant  database. 


Sybase  HIPAA  Studio  gives  you  the  tools  you 
need  to  make  your  compliance  dates  with 
confidence.  They  also  put  you  in  a  position  to 
actually  create  new  competitive  advantages 
for  your  organization  that  will  pay  dividends 
well  into  the  future.  All  without  a  trace  of 
anxiety. 

Find  out  how  to  get  your  company  started 
at  sybase.com/integrationsolutions. 


THE  NEXT  STEPS  FORWARD 


Our  Sybase  Process  Server  takes  you  past 
compliance  and  into  the  arena  of  improved 
process  management  and  improved  back-end 
integration  for  competitive  advantages  in 
the  marketplace.  It's  an  optional  rules-based 


1  Sybase 


The  Health  Insurance  Portability  and  Accountability  Act  (HIPAA)  deadlines  for  compliance  are  rapidly  approaching.  HIPAA  Studio 
compliance  challenge  quickly  and  smoothly. 


can  help  you  meet  the 
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Networks 


DEFINITION 
Scale-free  networks,  including  the  Internet,  are  char¬ 
acterized  by  an  uneven  distribution  of  connected¬ 
ness.  Instead  of  the  nodes  of  these  networks  having  a 
random  pattern  of  connections,  some  nodes  act  as 
“very  connected”  hubs,  a  fact  that  dramatically  influ¬ 
ences  the  way  the  network  operates. 


BY  JAN  MATLIS 

Using  a  Web  crawler,  physicist 
Albert-Laszlo  Barabasi  and  his 
colleagues  at  the  University  of 
Notre  Dame  in  Indiana  in  1998 
mapped  the  connectedness  of 
the  Web.  They  were  surprised 
to  find  that  the  structure  of 
the  Web  didn’t  conform  to  the 
then-accepted  model  of  ran¬ 
dom  connectivity.  Instead, 
their  experiment 
yielded  a  connectivity 
map  that  they  chris¬ 
tened  “scale-free.” 

Barabasi  and  his 
team  had  been  doing 
work  that  modeled 
surfaces  in  terms  of  fractals, 
which  are  also  scale-free. 

Their  discoveries  about  net¬ 
works  have  been  found  to 
have  implications  well  beyond 
the  Internet;  the  notion  of 
scale-free  networks  has  turned 
the  study  of  a  number  of  fields 
upside  down.  Scale-free  net¬ 
works  have  been  used  to  ex¬ 
plain  behaviors  as  diverse  as 
those  of  power  grids,  the  stock 
market  and  cancerous  cells,  as 
well  as  the  dispersal  of  sexual¬ 
ly  transmitted  diseases. 

Put  simply,  the  nodes  of  a 
scale-free  network  aren’t  ran¬ 
domly  or  evenly  connected. 
Scale-free  networks  include 
many  “very  connected”  nodes, 


hubs  of  connectivity  that 
shape  the  way  the  network  op¬ 
erates.  The  ratio  of  very  con¬ 
nected  nodes  to  the  number  of 
nodes  in  the  rest  of  the  net¬ 
work  remains  constant  as  the 
network  changes  in  size. 

In  contrast,  random  connec¬ 
tivity  distributions  —  the 
kinds  of  models  used  to  study 
networks  like  the  Internet  be¬ 
fore  Barabasi  and  his 
team  made  their 
observation  —  predict¬ 
ed  that  there  would  be 
no  well-connected 
nodes,  or  that  there 
would  be  so  few  that 
they  would  be  statistically  in¬ 
significant.  Although  not  all 
nodes  in  that  kind  of  network 
would  be  connected  to  the 
same  degree,  most  would  have 
a  number  of  connections  hov¬ 
ering  around  a  small,  average 
value.  Also,  as  a  randomly  dis¬ 
tributed  network  grows,  the 
relative  number  of  very  con¬ 
nected  nodes  decreases. 

Significant  Differences 

The  ramifications  of  this  dif¬ 
ference  between  the  two  types 
of  networks  are  significant, 
but  it’s  worth  pointing  out  that 
both  scale-free  and  randomly 
distributed  networks  can  be 
what  are  called  “small  world” 


networks.  That  means  it 
doesn’t  take  many  hops  to  get 
from  one  node  to  another  — 
the  science  behind  the  notion 
that  there  are  only  six  degrees 
of  separation  between  any  two 
people  in  the  world.  So,  in 
both  scale-free  and  randomly 
distributed  networks,  with  or 
without  very  connected  nodes, 
it  may  not  take  many  hops  for 
a  node  to  make  a  connection 
with  another  node.  There’s  a 
good  chance,  though,  that  in  a 
scale-free  network,  many 
transactions  would  be  fun- 
neled  through  one  of  the  well- 


connected  hub  nodes  —  one 
like  Yahoo  Inc.’s  Web  portal. 

Because  of  these  differ¬ 
ences,  the  two  types  of  net¬ 
works  behave  differently  as 
they  break  down.  The  con¬ 
nectedness  of  a  randomly  dis¬ 
tributed  network  decays 
steadily  as  nodes  fail,  slowly 
breaking  into  smaller,  separate 
domains  that  are  unable  to 
communicate. 

Resists  Random  Failure 

Scale-free  networks,  on  the 
other  hand,  may  show  almost 
no  degradation  as  random 
nodes  fail.  With  their  very 
connected  nodes,  which  are 
statistically  unlikely  to  fail  un¬ 
der  random  conditions,  con¬ 
nectivity  in  the  network  is 
maintained.  It  takes  quite  a  lot 
of  random  failure  before  the 
hubs  are  wiped  out,  and  only 
then  does  the  network  stop 
working.  (Of  course,  there’s  al¬ 
ways  the  possibility  that  the 
very  connected  nodes  would 
be  the  first  to  go.) 

In  a  targeted  attack,  in 
which  failures  aren’t  random 
but  are  the  result  of  mischief, 
or  worse,  directed  at  hubs,  the 
scale-free  network  fails  cata¬ 
strophically.  Take  out  the  very 
connected  nodes,  and  the 
whole  network  stops  function¬ 
ing.  In  these  days  of  concern 
about  cyberattacks  on  the  crit¬ 
ical  infrastructure,  whether 
the  nodes  on  the  network  in 
question  are  randomly  distrib¬ 
uted  or  are  scale-free  makes  a 
big  difference. 

Epidemiologists  are  also 


pondering  the  significance  of 
scale-free  connectivity. 

Until  now,  it  has  been  ac¬ 
cepted  that  stopping  sexually 
transmitted  diseases  requires 
reaching  or  immunizing  a 
large  proportion  of  the  popu¬ 
lation;  most  contacts  will  be 
safe,  and  the  disease  will  no 
longer  spread.  But  if  societies 
of  people  include  the  very 
connected  individuals  of 
scale-free  networks  —  individ¬ 
uals  who  have  sex  lives  that 
are  quantitatively  different 
from  those  of  their  peers  — 
then  health  offensives  will  fail 
unless  they  target  these  indi¬ 
viduals.  These  individuals  will 
propagate  the  disease  no  mat¬ 
ter  how  many  of  their  more 
subdued  neighbors  are  immu¬ 
nized. 

Now  consider  the  following: 
Geographic  connectivity  of  In¬ 
ternet  nodes  is  scale-free,  the 
number  of  links  on  Web  pages 
is  scale-free,  Web  users  belong 
to  interest  groups  that  are 
connected  in  a  scale-free  way, 
and  e-mails  propagate  in  a 
scale-free  way.  Barabasi’s 
model  of  the  Internet  tells 
us  that  stopping  a  computer 
virus  from  spreading  requires 
that  we  focus  on  protecting 
the  hubs.  I 
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Comparing  Random  and  Scale-Free  Distribution 


in  the  random  network,  J 

the  five  nodes  with  the 
most  links  (in  red)  are 
connected  to  only  27%  “ 

of  all  nodes  (green). 

In  the  scale-free  net¬ 
work,  the  five  most 
connected  nodes  (red) 
are  connected  to  60% 
of  all  nodes  (green). 
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Experts  Stumble  on 
PKI  Security  Project 

An  effort  to  rework  a  public-key  infrastruc¬ 
ture  brings  big-bucks  consultants  and 
dime-store  advice.  By  Vince  Tuesday 


ive  years  ago,  before  I 
was  hired,  my  company 
rolled  out  a  financial 
services  application  to 
20,000  users  at  900  companies 
in  18  countries.  The  company 
knew  it  needed  something  bet¬ 
ter  than  just  user  names  and 
passwords  for  authentication, 
so  it  built  a  public-key  infra¬ 
structure  (PKI). 

That  technology  decision 
has  come  back  to 
haunt  us.  We’re  strug¬ 
gling  to  make  the  in¬ 
frastructure  work 
better,  and  finding 
qualified  help  hasn’t 
been  easy. 

Using  PKI,  our  cen¬ 
tral  application  that  needs  to 
verify  a  user’s  identity  can  ask 
the  user  to  perform  a  calcula¬ 
tion  that  is  possible  only  with 
his  private  key.  The  private  key 
isn’t  held  in  the  central  server, 
and  it  isn’t  transmitted,  mak¬ 
ing  it  much  harder  to  steal 
or  intercept. 

There  are  weaknesses, 
though.  While  working  out  the 
private  key  is  difficult,  it  can 
be  done  if  you  have  very  fast 
computers  —  and  enough 
time.  And  private  keys  can  be 
stolen  from  users.  Therefore, 
to  ensure  that  the  system  re¬ 
mains  secure,  we  set  the  keys 
to  automatically  expire  every 
four  years.  That  is  where  our 
problems  began. 

Key  Headaches 

A  year  and  a  half  ago,  we  had 
to  issue  a  new  key  to  every 
user.  It  was  a  painful,  manual 
process  that  took  months  and 
annoyed  everyone.  It  hurt  my 
group  because  we  had  to  dedi¬ 
cate  skilled  staff  to  the  low- 
level  task  of  producing  the 
keys  and  then  following  a 


manual  process  to  send  those 
keys  to  every  user.  We  used 
encrypted,  self-extracting 
executables  to  e-mail  the 
keys  out. 

Many  users’  firewalls  and 
e-mail  gateways  are  config¬ 
ured  to  quarantine  or  strip  at¬ 
tachments  that  are  difficult  to 
scan  or  that  could  be  a  virus. 
As  each  of  the  steps  we  used 
to  send  the  keys  was  likely  to 
hit  a  block,  some¬ 
times  it  was  a  prob¬ 
lem  for  our  users  to 
even  get  the  keys,  let 
alone  go  through  the 
process  of  installing 
them  in  the  right 
place.  Now  that 
we’ve  distributed  the  keys, 
we  aren’t  looking  forward  to 
the  next  expiration. 

When  the  system  was  built, 
PKI  was  rare  in  the  commer¬ 
cial  world.  There  weren’t  any 
mature,  reasonably  priced 
commercial  products,  so  we 
built  our  own.  It’s  clunky,  and 
its  bad  interface  adds  to  the 
work  of  issuing  keys,  but  at 
least  it  conforms  to  the  inter¬ 
national  standards  that  deter¬ 
mine  how  to  produce  the  keys. 

Since  then,  PKI  has  grown 
in  popularity,  and  competition 
has  driven  down  the  cost 


We  were  hoping  for 
tailored  guidance, 
but  instead  the  con¬ 
sultants  pointed  us  at 
two  of  the  three 
biggest  suppliers. 


of  PKI  software.  There  are 
now  several  very  slick  pack¬ 
ages  available. 

In  order  to  reduce  the  pain 
of  the  next  key  reissue,  we’re 
investigating  PKI  product  and 
service  options.  Our  custom 
code  is  standards-based,  so 
we  can  at  least  replace  the 
core  of  the  PKI  without  having 
to  rewrite  our  application  au¬ 
thentication  code. 

Consultant  Concerns 

I  have  a  strong  background  in 
the  academic  theory  of  cryp¬ 
tography  but  not  much  direct 
experience  with  large-scale 
deployments  of  these  PKI 
suites.  Therefore,  I  decided 
to  get  some  help  from  some 
highly  recommended  consul¬ 
tants  who  do  this  kind  of  thing 
all  the  time. 

We  began  our  meeting  by 
explaining  our  situation  and 
what  we  hoped  to  do.  As  the 
consultants  spoke,  however, 

I  began  to  feel  nervous.  They 
seemed  to  be  falling  into  the 
same  kind  of  errors  about 
cryptographic  key  sizes  that  I 
wrote  about  in  my  last  column 
[QuickLink  33333]. 

The  strangest  moment  was 
when  one  of  them  informed  us 
that  the  root  key  (the  key  we 
use  to  issue  all  the  other  users’ 
keys)  must  be  512  bits  larger 
than  the  users’  keys. 

Clearly,  you  should  make 
the  keys  as  large  as  possible  so 
they  will  take  longer  to  crack, 
while  keeping  them  a  reason¬ 
able  length  for  easy  storage 
and  fast  processing.  The  root 
key  is  more  valuable  than  the 
user  keys,  because  you  could 
issue  your  own  user  keys  if 
you  cracked  the  root  key. 
Therefore,  making  the  root 
key  larger  than  the  user  keys  is 
sensible.  But  why  an  arbitrary 
value  for  how  much  larger  it 
should  be?  I  asked  the  consul¬ 
tant  to  explain.  “Best  prac¬ 
tices,”  he  said,  but  he  could 


offer  no  further  explanation. 

Relations  deteriorated  fur¬ 
ther  when  we  asked  which 
vendors  the  consultant  sug¬ 
gested  we  investigate  for  our 
particular  needs.  These  con¬ 
sultants  sometimes  serve  as 
a  professional  services  arm  of 
RSA  Security  Inc.  in  Bedford, 
Mass.,  and  Entrust  Inc.  in  Ad¬ 
dison,  Texas,  so  we  weren’t 
surprised  to  hear  them  recom¬ 
mended  only  those  two  firms. 

VeriSign  Inc.  in  Mountain 
View,  Calif.,  RSA  and  Entrust 
are  the  three  biggest  names 
in  the  PKI  market.  We  were 
hoping  for  tailored  guidance, 
but  instead  the  consultants 
pointed  us  at  two  of  the  three 
biggest  suppliers.  That  wasn’t 
the  best  way  to  convince  us 
they’re  worth  their  startlingly 
high  consultancy  fees. 

Then  we  explained  that 
we  need  to  migrate  to  a  new 
PKI  product  quickly  to  ensure 
that  everything  will  be  com¬ 
pleted  before  the  next  key  ex¬ 
piration  occurs.  That  would  let 
us  save  staff  time  and  ease  the 
pain  for  users,  as  we  could 
reissue  their  keys  once,  rather 
than  twice,  over  a  short  time 
span.  The  response?  “Why  not 
just  extend  the  root  key  for  a 
few  years  to  give  you  breath¬ 
ing  space?  The  users  would 
never  know,  right?” 

This  is  like  a  grocery  store 
deciding  to  make  a  little  extra 
money  by  adding  extra  days  to 
the  expiration  date  on  their 
milk.  The  customers  would 
never  know,  right?  Yes,  but  I 
know,  and  I’m  the  one  respon¬ 
sible  for  security  around  here. 

In  the  end,  I’m  afraid  we 
didn’t  learn  much  about  which 
PKI  product  we  should  buy. 
But  we  did  learn  that  we 
wouldn’t  be  using  these  con¬ 
sultants  to  help  us  with  the 
choice.  Now  we  have  to  de¬ 
cide  what  to  do  next.  I 


WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real 
security  manager,  “Vince  Tuesday,"  whose 
name  and  employer  have  been  disguised 
for  obvious  reasons.  Contact  him  at  vince. 
tuesday@hushmail.com,  or  join  the  dis¬ 
cussion  in  our  forum: 
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Security  Bookshelf 

■  Internet  Security  — 

OMtawhy  INTERNET 

Heidelberg,  2002. 

In  the  fast-moving 
world  of  Internet 
security,  it’s  hard 
to  be  sure  that 
everyone  is  using  the  same  jar¬ 
gon.  At  last  a  dictionary  has 
been  put  together  to  fill  the 
gaps.  This  title  is  a  useful  re¬ 
source  for  anyone  who  has  to 
communicate  about  Internet 
security.  I  looked  up  all  the 
terms  I  use  and  found  valuable 
definitions  for  all  of  them  ex¬ 
cept  DMZ-  one  for  the  next 
edition,  perhaps? 

-Vince  Tuesday 


Baltimore  Adds 
PKJ  Security  Suite 

Baltimore  Technologies  PLC 
in  Needham,  Mass.,  hopes  to 
simplify  the  deployment  of  PKI 
security  tools  by  integrating 
them  with  business  applica¬ 
tions.  The  recently  announced 
Trusted  Business  Suite  con¬ 
sists  of  three  sets  of  security 
modules,  each  integrated  with 
a  common  business  applica¬ 
tion  to  secure  networks,  mes¬ 
saging  systems  and  docu¬ 
ments.  The  modules  come 
preconfigured  and  ready 
to  work  out  of  the  box,  the 
company  says. 

Hacker  Target  No.  1: 
Windows  vs.  Linux 

Earlier  this  year,  Linux  Web 
servers  were  getting  hacked 
more  often  than  systems  run¬ 
ning  Microsoft  Windows.  But 
now  Windows  once  again  tops 
the  list  of  most  targeted  online 
operating  systems,  according 
to  Mi2g  Ltd.,  a  security  intelli¬ 
gence  company  in  London. 

Widely  publicized  vulnera¬ 
bilities  in  popular  applications 
for  Linux  led  to  a  spike  in  April 
and  May  in  defacements  of 
Web  sites  hosted  on  servers 
running  Linux.  However,  in 
June  and  July,  more  Web  sites 
hosted  on  Windows  systems 
were  successfully  attacked. 
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The  new  IBM  (©server  BladeCenter.™  Now  you  can  remotely  deploy  new  servers  in 
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ApplQ  Launches 
SRM  Software 

ApplQ  Inc.  in  Burlington,  Mass., 
late  last  month  announced  a  stor¬ 
age  resource  management  (SRM) 
software  suite  based  on  the  Com¬ 
mon  Information  Model  and  Web- 
Based  Enterprise  Management 
standards.  The  ApplQ  Solution 
Suite  -  which  includes  ApplQ 
Manager,  ApplQ  for  Oracle  and 
ApplQ  for  Exchange  -  was  de¬ 
signed  to  unify  the  management 
of  applications,  servers,  storage 
networks  and  storage  subsys¬ 
tems.  Pricing  for  the  software  will 
start  at  $10,000  per  terabyte  of 
managed  storage. 


Amplify.net  Offers 
WAN  Gateways 

Start-up  Amplify.net  Inc.  in  Fre¬ 
mont,  Calif.,  has  begun  shipping 
its  iSurf  Janus  family  of  wide-area 
network  (WAN)  gateways  for 
branch  offices.  The  new  products 
are  designed  to  provide  WAN 
backup,  load  balancing,  and  fire¬ 
wall  and  virtual  private  network 
(VPN)  protection.  The  CX  model 
consists  of  two  WAN  ports  with 
10M  bit/sec.  downstream  and 
4M  bit/sec.  upstream.  The  DX 
supports  30M  bit/sec.  down¬ 
stream  and  SOM  bit/sec.  up¬ 
stream.  The  RX  supports  three 
100M  bit/sec.  WAN  ports.  VPN 
options  are  available  in  all  three 
product  categories,  with  prices 
ranging  from  $995  to  $4,995. 


Bluetooth  Tools 
For  Palm  Devices 

Colligo  Networks  Inc.  in  Vancou¬ 
ver,  British  Columbia,  announced 
that  its  BlueBoard  and  BlueChat 
applications,  both  based  on  Blue¬ 
tooth  technology,  are  being  bun¬ 
dled  into  the  new  Tungsten  T 
handhelds  from  Milpitas,  Calif.- 
based  Palm  Inc.  Colligo  Meeting 
for  handhelds  running  Palm  OS  4 
is  available  at  www.colligo.com/ 
store  for  $19.95  per  license.  The 
applications  provide  messaging, 
whiteboarding  and  meeting 
scheduling  for  Bluetooth-enabled 
Palm  handhelds. 


ROBERT  L.  MITCHELL 


A  Template  for 
Win  2kAecurity 


IT’S  A  BRIGHT  Indian  summer  day  in  Manches¬ 
ter,  N.H.,  but  I  won’t  need  my  sunglasses.  On  this 
day,  I’m  cloistered  away  with  21  IT  professionals 
in  a  dark,  windowless  room  at  the  local  Holiday 
Inn  for  a  hands-on  tour  of  the  Windows  2000 
Professional  Gold  Standard  security  benchmark. 


The  idea  behind  the 
benchmark  —  to  establish  a 
minimum  baseline  security 
configuration  that  every 
Windows  2000  Professional 
workstation  should  meet  — 
is  not  new.  What  is  new  is 
that  several  organizations, 
including  the  Center  for  In¬ 
ternet  Security  (CIS),  the 
SANS  Institute,  four  federal 
agencies  and  Microsoft 
Corp.,  have  agreed  to  en¬ 
dorse  a  common  security 
template.  That  fact  begs  the 
question:  If  everyone  —  even  Micro¬ 
soft  —  agrees  that  this  is  the  absolute 
minimum  security  level  that  the  busi¬ 
ness  version  of  Windows  2000  must 
meet,  why  isn’t  this  template  offered 
with  the  default  install? 

The  training  session,  a  certificate 
program  sponsored  by  the  SANS  In¬ 
stitute,  has  brought  IT  professionals 
from  a  mix  of  business,  government 
and  vendor  organizations. 

Implementing  the  recommended 
settings  in  the  template  isn’t  rocket 
science  —  setting  the  minimum  pass¬ 
word  length  to  eight  characters,  for 
example  —  but  there  are  about  300 
specific  changes  that  will  take  some 
time  to  review.  Attendee  Greg  Owen, 
a  senior  network  engineer  at  security 
consultancy  Vibren  Technologies  Inc. 
in  Boxboro,  Mass.,  acknowledges  that 
he  sees  nothing  new  here,  but  he  views 
the  benchmark  as  a  positive  step.  “[It] 
should  take  some  of  the  confusion  out 
of  the  configuration  for  IT  managers 


who  don’t  know  where  to 
start,”  he  explains. 

The  benchmark,  which 
I  download  from  the  CIS 
Web  site,  also  includes 
useful  tools  for  auditing 
and  implementing  the  se¬ 
curity  template.  It  consists 
of  the  Security  Configura¬ 
tion  and  Analysis  snap-in; 
the  CIS  Security  Scoring 
Tool,  which  rates  the  rela¬ 
tive  security  of  the  com¬ 
puter  before  and  after  you 
apply  the  template  set¬ 
tings;  and  a  benchmarking  program, 
the  Gold  Standard  security  template, 
which  snaps  into  Windows’  Microsoft 
Management  Console. 

I  run  the  analysis  tool  on  my  laptop, 
with  its  freshly  minted  Win  2k  install. 
It  analyzes  my  machine  and  presents  a 
side-by-side  comparison  of  current 
and  recommended  settings. 

The  task  of  reviewing  and  thinking 
through  the  300  or  so  recommended 
settings  is  a  challenge.  For  example, 
you  don’t  want  to  deploy  a  template 
that  disallows  removal  of  the  NT  file 
system  media  if  your  company  uses 
Iomega  Jaz  drives  to  store  and  trans¬ 
port  computer-aided  designs  or  graph¬ 
ics  files.  Fortunately,  you  can  custom¬ 
ize  your  own  baseline  and  merge  in 
additional  template  layers  for  specific 
users  or  groups. 

Running  the  scoring  tool  is  pretty 
slick.  It  tallies  up  points  for  service 
packs  and  hot  fixes  as  well  as  registry 
settings  and  ranks  my  machine  on  a 
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scale  of  1  to  10.  My  out-of-the-box 
install  initially  comes  in  at  an  anemic 
1.4.  But  applying  the  patches  and  tem¬ 
plate  boosts  my  score  to  9.4  —  which 
sounds  great  until  the  instructor  re¬ 
minds  me  that  I’ve  merely  come  close 
to  reaching  the  minimum  level  of  se¬ 
curity.  This  makes  me  wonder  if  the 
relative  nature  of  this  score  might  be 
lost  on  some  users,  who  may  gain  a 
false  sense  of  security  from  seeing 
that  wonderful  9.4.  Certainly,  no  user 
will  ever  successfully  secure  a  system 
by  aspiring  to  the  baseline. 

But  our  SANS  Institute  instructor  is 
quick  to  remind  us  that  the  template 
won’t  be  effective  unless  it’s  deployed 
within  the  context  of  a  well-thought- 
out  security  policy.  The  current  tem¬ 
plate  doesn’t  apply  to  Windows  2000 
Server  or  Windows  XP  (those  are  in 
the  works),  it  won’t  protect  worksta¬ 
tions  from  application-level  issues, 
and  it  certainly  won’t  protect  against 
sloppy  management  practices. 

Broad  acceptance  will  require 
more  than  just  management  behavior 
modification  —  or  a  nationwide 
SANS  training  tour.  A  requirement 
that  all  government  machines  use  the 
template  will  help.  But  ultimate  suc¬ 
cess  will  come  only  when  the  operat¬ 
ing  system’s  creators  legitimize  the 
Gold  Standard  by  including  it  as  the 
default  enterprise  security  template 
with  Windows  2000  Professional. 
Microsoft  says  its  goal  is  to  have  one 
consistent  set  of  security  templates. 
Surely,  the  Gold  Standard  should  be 
part  of  it.  I 


MORE  ON  THE  GOLD  STANDARD 

For  links  to  sites  with  more  information  on  the  Windows 
2000  Professional  Gold  Standard,  visit  our  Web  site: 
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Want  Our  Opinion?  For  more  columns  and  links  to  our 
archives,  go  to: 

www.computerworld.com/opinions 
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HERE'S  WHAT  PAST  ATTENDEES  SAY... 

"...  delivers  value  by  bringing  together 
senior-level  IT  decision-makers 
to  share  their 
experiences ... 
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is  wonderful ...  the  level  of 
expertise  among  the  attendees  is 
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Upgrading  the 
Infrastructure 

Identify  best  practices  to  leverage  data 
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ment,  storage  and  network  infrastructures. 
Master  the  evaluation  of  outsourcing  deals  and 
the  use  of  service  providers. 
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Analysts  estimate  that  40%  of  IBM's  operating  profits 
are  from  mainframe  software  and  maintenance* 


Aren't  you  tired  of  paying 
your  share? 


But  don't  just  take  our  word  for  it!  Let  us  prove  it  to  you 
via  the  NetReady  Partner  Program.  Our  highly  trained 
consultants  will  help  you  leverage  your  current  wealth  of 
business  assets,  and  unify  them  with  new  development 
initiatives  on  Windows-based  platforms.  Plus,  using  leading 
edge  development  environments,  your  developers  will 
become  more  productive,  delivering  new  functionality  in 
much  less  time  without  taking  a  huge  bite  out  of  your 
production  schedule  or  your  budget. 


You  can  substantially  lower  your  overall  IT  costs  by 
migrating  CICS  COBOL  applications  from  your  mainframe 
to  ASP.NET  using  Fujitsu's  NetCOBOL  for  .NET.  By  offload¬ 
ing  applications,  you  save  valuable  CPU  time  and  can  often 
postpone  upgrades.  Given  the  size  and  critical  nature  of 
your  legacy  COBOL  assets,  you  can't  afford  to  rewrite  all 
your  applications  in  a  new  language  to  migrate  to  a  new 
platform. 


Remarkably,  ASP.NET  has  a  highly  similar  structure  to  CICS 
applications  and  Fujitsu  Software  has  created  a  process 
through  which  we  can  quickly  migrate  CICS  to  ASP.NET. 
NetCOBOL  for  .NET  allows  you  to  reduce  your  dependency 
on  mainframe  environments,  effectively  bridging  the  gulf 
between  where  your  business  applications  reside  today 
and  where  you  want  them  to  be  tomorrow.  It  allows  you  to 
extend  access  to  your  company's  information  assets  and 
lower  the  cost  of  the  technology  infrastructure  supporting 
your  business  goals. 


Please  call  us  at  (800)  545-6774  or  (408)  428-0300.  Or  visit 
our  web  site  at  http://www.netcobol.com/nrpp. 
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Trading  Places 

Looking  to  better  align  business 
and  technology  objectives,  more 
companies  are  cross-training 
workers,  such  as  WW.  Grainger’s 
Tim  Ferrarell,  to  the  point  where 
it’s  not  so  easy  to  tell  their  sales 
reps  from  their  IT  pros.  Page  52 


Calculating  Change  Upfront 

Buying  and  installing  new  enterprise 
software  entails  changes  in  workflows, 
employee  job  responsibilities  and 
business  processes,  all  of  which  should 
be  included  in  the  initial  business  case 
for  a  new  software  investment,  writes 
columnist  John  Berry.  Page  54 


QUOTE  OF  THE  WEEK 

M  Embracing  all  these  partnerships  is  a 
no-regret  decision.  Had  S  deluded  myself 
and  thought  that  ail  these  areas  were  core 
competencies  ...  I  would  have  had  much  less 
capacity  to  do  things  that  have  had  true  strategic 
value  in  the  eyes  of  our  business  partners. 

-John  McKinley,  CIO,  Merrill  Lynch 


Cheaper,  easier-to-use  PDAs  tackle 
real  work  at  efficiency-  and  cost-con¬ 
scious  companies.  By  Connie  Winkler 


o 
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THE  CITY  OF  RICHMOND,  British 
Columbia,  uses  PDAs  to  track  equip¬ 
ment  use  and  manage  $1.3  million  in 
inventory,  saving  employees  hundreds 
of  hours  of  work,  says  Edward  Hung,  a 
manager  in  the  city’s  IT  department. 


Sure  they're  cool.  But  a  growing  number 
of  companies  are  finding  that  personal 
digital  assistants  (PDA)  are  also  more  ver¬ 
satile  than  Swiss  Army  Knives  for  solving 
|  a  wide  variety  of  business  needs  on  the  cheap, 
j  “None  of  our  competitors  have  anything  like  our 
;  PDA  applications,  and  they  don’t  appear  to  be  look- 
:  ing  [at  them].  We  are  amazed,”  says  operations  man- 

j  ager  David  Morton,  discussing  the  PDA-based  time- 
•  and  equipment-tracking  system  at  Tim  Beaty 
|  Builders  Inc.  in  Denton,  Texas.  It  has  taken  about 
.*  two  years  for  the  system  to  pay  for  itself,  thanks 

:  largely  to  the  hours  that  managers  no  longer  need  to 

j  spend  collecting  and  tracking  payroll  information. 

•  Managers  also  know  which  projects  are  making  or 
•  losing  money  and  how  much. 

•  “It  gives  us  a  competitive  advantage  because  our 
:  field  personnel  are  more  informed  and,  as  a  result, 

;  more  responsive  to  our  customers  needs  —  not  to 

;  mention  the  cost  savings  we  enjoy,”  says  Morton. 

•  A  40-person  regional  construction  company,  Tim 
.  Beaty  is  one  of  a  growing  number  of  companies  us- 
;  ing  PDAs  as  portable  record-keeping  or  time-clock 
:  devices  that  can  be  linked  to  other  data  collection 

•  and  corporate  applications. 

.  Edward  Hung,  a  manager  in  the  IT  department  for 
;  the  city  of  Richmond,  British  Columbia,  uses  PDAs 

j  to  track  heavy-duty  equipment  use  and  manage  $1.3 
•  million  in  inventory.  He  says  the  hundreds  of  hours 

•  that  the  city  saves  using  PDAs  are  devoted  to  other 

;  projects. 

|  Introduced  in  1993  as  personal  and  business  elec- 
:  tronic  organizers  to  replace  paper  calendars  and 

j  to-do  lists,  PDAs  quickly  became  must-haves  for  ex- 
j  ecutives.  The  price  of  the  devices,  about  $500,  was  a 
j  bi§  selling  point,  especially  when  compared  with  the 
•  prices  of  older,  bulkier  handhelds  that  typically  were 
:  unique  to  each  business  and  could  cost  up  to  $1,500 

j  each.  Now,  with  the  availability  of  mainstream  busi- 
•  ness  and  wireless  applications,  lower  prices  and  in- 
:  creased  memory  and  capabilities,  PDAs  are,  at  the 

j  very  least,  an  affordable  way  to  cut  paperv/ork  and 
;  ensure  greater  data  accuracy,  proponents  say. 

•  “We  started  by  asking  how  technology  could  sim- 
:  plify  tasks  and  reduce  time  and  costs,”  says  Julie  Pot- 

j  tebaum,  a  spokeswoman  for  McDonald’s  Corp.  in 
;  Oak  Brook,  Ill.  In  a  test  at  five  restaurants,  McDon- 
j  aid’s  managers  are  using  PDAs  from  Symbol  Tech- 
•  nologies  Inc.  in  Holtsville,  N.Y.,  to  replace  paper 
•  checklists  for  collecting  food  safety  information, 
j  “With  less  paperwork,  managers  have  more  time 
I  to  spend  on  the  floor  of  the  restaurant,”  says  Potte- 
:  baum,  noting  that  the  PDA-based  food  safety  appli- 
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TYING  IT  ALL 
TOGETHER 

BECAUSE  SOFTWARE  for  PDAs  is  still  evolving, 
companies  often  need  to  rely  on  a  team  of  devel¬ 
opers,  service  providers  and  the  makers  of  hand¬ 
held  devices  when  creating  applications.  Here  are 
a  few  tips  from  early  adopters  for  helping  all  the 
players  involved  work  well  together: 

■  Establish  a  single  vision  of  the  final  system. 

■  Remain  flexible.  “We’ve  asked  for  several  de¬ 
rivations  to  the  original  software,  and  our  vendor 
has  been  refreshingly  responsive  -  a  pleasant 
surprise  over  more  ’rigid’  developers  in  the  past,” 
says  David  Morton,  operations  manager  at  Tim 
Beaty  Builders. 

■  Tailor  software  design  and  training  to  users  of 
the  new  PDA-based  system.  “Because  our  PDAs 
are  used  by  painters,  plumbers,  truck  drivers, 
equipment  operators  and  general  laborers,  we 
were  concerned  that  they  could  be  effective  with 
them,”  recalls  Morton.  "But  the  system  and  forms 
are  intuitive,  and  training  is  a  two-hour  session." 

cation  jointly  developed  with  Cincinnati-based  KTG 
Inc.  saves  managers  an  hour  a  day. 

Because  standard  PDA  software  for  handling  busi¬ 
ness  tasks  is  still  emerging,  developing  applications 
for  PDAs  is  typically  a  juggling  act,  with  companies 
usually  working  with  three  or  four  outside  software 
vendors  and  service  providers.  However,  this  is  be¬ 
ginning  to  change  as  manufacturers  increase  the 
power  and  capabilities  of  their  devices  to  accommo¬ 
date  the  growing  use  of  XML-based  data  and  appli¬ 
cations  and  the  growth  of  Web  services. 

Instead  of  the  entire  PDA  application  having  to  re¬ 
side  on  the  device,  XML  enables  a  big  chunk  of  it  to 
be  offloaded  to  a  larger  system.  “With  XML  and  Web 
services,  it’s  much  easier  to  use  these  devices  for 
more  serious  business  applications  —  you  don’t  have 
to  have  the  whole  application  running  on  the  device 
anymore,”  explains  Ronald  Schmelzer,  a  senior  ana¬ 
lyst  at  ZapThink  LLC,  an  XML  and  Web  services  re¬ 
search  company  in  Waltham,  Mass. 

This  is  possible  because  today’s  PDAs  can  more 
easily  link  to  large  applications  via  either  wireless 
connections  or  direct  connections  to  desktop  PCs  or 
other  docking  stations. 

Given  these  increased  capabilities,  Schmelzer 
foresees  business  use  of  PDAs  increasing  within  the 
next  12  to  18  months.  He  points  to  two  markets  where 
PDA  use  is  likely  to  grow  significantly:  the  finance 
and  retail  industries.  For  example,  warehouse-store 
shoppers  might  use  PDAs  to  ring  up  their  orders  as 
they  walk  down  the  aisles.  And  store  employees 
might  use  the  devices  to  scan  and  record  inventories. 
In  financial  services,  investors  might  use  PDAs  to 
conduct  transactions  from  any  location. 

McDonald’s,  Tim  Beaty  and  Richmond  are  ahead 
of  the  curve  in  testing  or  deploying  PDAs  to  handle 
critical  enterprise  applications.  ► 


Winkler  is  a  former  Computerworld  New  York  bureau 
chief  who  lives  in  Seattle.  She  can  be  reached  at 
winklerconnie@yahoo.com. 


MCDONALD’S  CORP. 

Store  the  Food  Data 

With  30,000  restaurants  around  the  world,  the  $40 
billion  fast  food  giant  is  very  concerned  about  food 
safety.  Since  February,  McDonald’s  managers  at  five  U.S. 
restaurants  have  been  testing  four  PDA-based  applications, 
including  one  for  tracking  the  temperature  of  food.  Routinely 
throughout  the  day,  managers  measure  temperatures  by 
poking  grilling  hamburgers  and  other  foods  with  a  penlike 
probe  plugged  into  a  Pocket  PC.  They  can  also  check  the 
actual  temperatures  of  cold  and  frozen  foods,  rather  than 
just  monitoring  the  temperatures  of  freezers  and  refrigera¬ 
tors.  The  readings  are  downloaded  to  the  store’s  PC  data¬ 
base,  thereby  replacing  the  paper  processes. 

“We  wanted  to  find  ways  to  better  store  data, 
report  on  it  and  analyze  it,”  says  Pottebaum. 

McDonald’s  managers  are  also  using  PDAs 
to  record  and  track  information  about  restaurant  appear¬ 
ance.  On  routine  rounds  of  the  premises,  managers  use 
PDAs  to  scan  bar  codes  on  lobby  walls  to  verify  regularly 
scheduled  checks  on  restaurant  appearance.  This  saves 
each  manager  about  30  minutes  a  month,  the  company  es¬ 
timates.  Managers  also  use  PDAs  to  schedule  crew  training, 
saving  themselves  about  six  hours  a  month. 

McDonald’s  says  it  relied  heavily  on  software  providers 
and  integrators  in  developing  the  restaurant  PDA  software. 
Its  partners  included  Tangent  Systems  Inc.  in  Charlotte, 

N.C.,  and  Symbol  Technologies. 

CITY  OF  RICHMOND 

Keep  the  City  Running 

The  city  of  Richmond,  British  Columbia,  is  working  with 
its  second  PDA  application  after  finding  that  the  hand¬ 
helds  were  ideal  for  monitoring  the  dikes  and  the  39  jet- 
engine-like  pumps  that  hold  back  the  surrounding  waters  for 
the  almost-sea-level  city. 

About  18  employees,  mostly  in  the  city’s  water  depart¬ 
ment,  use  PDAs  to  track  and  chart  pump  failures,  tide  levels, 
road  temperatures,  the  weather,  and  waste  water  and  rain 
levels.  Pumps  routinely  fail,  and  workers  need  to  be  alerted 
fast:  65  alarms  in  24  hours  isn’t  unusual,  whether  it’s  raining 
or  not.  “There’s  always  an  emergency  around  here,”  says 
Edward  Hung,  manager  of  advanced  research  and  technolo¬ 
gy  in  Richmond’s  IT  department.  The  PDAs  enable  workers 
to  identify  problems  such  as  aged  pumps  and  potential  trou¬ 
ble  spots  long  before  flooding  starts,  he  adds. 

Richmond's  PDA  application  is  part  of  an  Internet-based 
system  that  connects  to  desktop  PCs.  To  execute  the  inte¬ 
gration,  the  IT  team  worked  closely  with  New  York-based  In¬ 
formation  Builders  Inc.,  which  provided  its  Web  Focus  soft¬ 
ware  for  the  Internet-data  connection,  and  with  wireless 
providers  AvantGo  Inc.  in  Hayward,  Calif.,  and  Sierra  Wire¬ 
less  Inc.  in  Richmond. 

“Definitely,  the  [pump  system]  PDAs  were  an  opening  of 
the  door,”  says  Hung,  adding  that  the  city  is  now  looking  at 
handhelds  rather  than  PCs  for  other  uses. 

For  example,  Richmond  needs  to  better  manage  its  ware¬ 
house,  which  stores  about  $1.3  million  worth  of  inventory, 
ranging  from  paper  products  to  street  lamps  and  sewer  and 
water  pipes.  “We  don’t  need  a  person  entering  data  for 
three  or  four  hours  at  the  end  of  the  day,  with  all  the  mis¬ 
takes  that  get  made,”  Hung  explains. 

The  goal  is  for  workers  to  be  able  to  walk  to  where  the 
material  is  stored,  scan  the  bar  codes  and,  by  the  time  they 
return  to  the  office,  find  the  necessary  paperwork  complet¬ 
ed,  printed  and  waiting.  The  input  devices  need  to  be  easy 
to  transport  around  the  warehouse,  so  laptops  aren’t  an  op¬ 
tion  because  they’re  too  heavy  and  cumbersome.  But  PDAs 


aren’t  an  option  either,  because  their  screens  are  small  and 
because  they  might  not  last  long  in  the  rugged  warehouse 
environment,  notes  Hung. 

So  the  city  is  testing  two  ViewPads  from  Walnut,  Calif.- 
based  ViewSonic  Corp.  The  ViewPads  are  close  to  the  size 
of  a  pad  of  paper  and  have  screens  that  are  about  10  inches 
high.  “They’re  rugged  and  lighter  than  a  laptop,  especially  in 
this  environment,  which  is  not  office-friendly,”  says  Hung. 

“The  ViewPad  is  hooked  wirelessly  to  our  inventory  sys¬ 
tem  [through  a  LAN],  so  our  staff  is  able  to  walk  to  the  end 
of  the  warehouse  and  effortlessly  count  pipes,”  says  Hung. 
And,  because  the  city-developed  tablet  system  links  to 
Richmond’s  PeopleSoft  inventory  system,  managers  at  city 
hall  get  automatic  updates  over  the  Internet. 

“We  don’t  have  those  numbers,  but  I  can 
guess  we’re  operating  two  to  three  times  as  ef¬ 
ficiently  as  before,”  Hung  says. 

For  pump  monitoring,  Hung  finds  that  the 
PDAs,  which  send  about  2  million  transactions  a  week  over 
the  Internet  to  central  databases,  have  saved  hundreds  of 
work  hours,  including  in  IT. 

City  workers  and  the  IT  group  want  to  use  tablet  PCs  at 
the  water  meter  repair  and  equipment  shops.  “We  have  po¬ 
tential  applications  all  over,”  says  Hung  about  his  busy 
showcase  city,  which  hosts  the  area’s  airport  and  is  joining 
nearby  Vancouver’s  bid  to  host  the  2010  Winter  Olympics. 

TIM  BEATY  BUILDERS  INC. 

Foundation  for  Success 

At  Tim  Beaty  Builders,  about  25  of  the  company’s  40 
workers  carry  Palm  handhelds  for  recording  work 
hours,  equipment  operations  and  construction  milestones, 
such  as  when  cement  is  poured  or  when  wiring  inspections 
are  completed.  The  biggest  benefit  has  come  from  the  pay¬ 
roll  application.  “We  haven’t  done  exhaustive  calculations, 
but  the  savings  in  managers’  time  alone  pays  for  the  system. 
They  used  to  spend  20%  of  their  time  on  payroll;  now  it’s 
considerably  less,”  says  David  Morton,  operations  manager. 
“Everything  else  we  get  is  gravy.” 

The  construction  company  now  knows  whether  it’s  mak¬ 
ing  money  on  a  project.  This  is  especially  critical  because 
Tim  Beaty  handles  many  projects  simultaneously,  including 
commercial  and  residential  construction,  trucking,  equip¬ 
ment  operations,  and  industrial  construction  and  mainte¬ 
nance.  “That  all  sounds  like  pretty  much  the  same  thing,  ex¬ 
cept  that  each  of  those  disciplines  requires  different  infor¬ 
mation  and  reporting,”  explains  Morton. 

Workers  now  record  on  their  PDAs  how  much  time  they 
spend  on  each  job.  “That  increased  accuracy  is  [invaluable] 
because  it  affects  both  costs  and  revenue,"  Morton  says, 
noting  that  some  jobs  are  bids  and  some  are  billed  on  a 
cost-plus  basis.  In  the  past,  hours  worked  weren’t  tied  to 
specific  projects,  so  the  company  may  have  spent  too  many 
hours  on  the  bid  projects  or  neglected  to  collect  for  extra 
hours  on  the  cost-plus  jobs. 

In  the  wake  of  that  success,  Tim  Beaty  has  added  PDA 
software  modules  from  Austin  Lane  Technologies  Inc.  in 
Denton,  Texas.  The  new  applications  track  equipment  use 
and  send  alerts  when  it’s  time  for  repairs  and  when  equip¬ 
ment  is  being  underused. 

The  firm  is  also  adding  milestone  checklists  for  cement 
prepouring  inspections  and  building  frames.  “After  you  pour 
cement  or  hang  sheetrock,  it's  too  late  to  check  for  inspec¬ 
tions,”  notes  Morton. 

In  addition  to  Austin  Lane,  San  Jose-based  Pumatech 
Inc.,  a  Palm  forms  software  provider,  and  Milpitas,  Calif.- 
based  Palm  Inc.  have  been  working  with  the  builder  on  its 
PDA  projects. 

-  Connie  Winkler 
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It  doesn  t  matter  what  business  you’re  in;  it  everyone  in  your 
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For  Merrill  Lynch’s  John  McKinley 
every  IT  service  is  up  for  grabs, 
and  managing  strategic  service 
providers  is  a  new  core  competency 


When  Merrill  Lynch  & 

Co.  CIO  John  McKinley 

talks,  people  listen  to  his 
ideas  about  managing  the 
“virtual  organization”  —  the  intricate 
web  of  outsourced  IT  service  partner¬ 
ships  that  has  become  the  strategic  un¬ 
derpinning  for  many  leading  companies. 

For  McKinley,  every  IT  service  is  a 
“jump  ball,”  and  that  perspective  puts 
him  ahead  of  CIOs  at  many  informa¬ 
tion-intensive  businesses  who  still  tend 
to  try  to  do  it  all  in-house,  says  Eileen 
Birge,  who  follows  IT  vendor  relation¬ 
ships  for  The  Concours  Group,  a  con¬ 
sulting  firm  in  Kingxvood,  Texas.  “You 
have  to  realize  that  your  job  is  to  put  to¬ 
gether  the  best  portfolio,”  she  explains. 
“You  have  to  get  over  the  ego  threat  that 
there  might  be  people  out  there  who  can 
do  it  better.  Merrill  Lynch  is  a  company 
where  IT  is  incredibly  strategic,  and 
they  have  been  willing  to  look  at  the  best 
way  to  do  this.” 

McKinley  talked  with  Computer- 
world’s  Kathleen  Melymuka  at  Merrill’s 
New  York-based  headquarters  about 
progress  in  his  four-year  initiative  to 
make  managing  the  virtual  organization 
a  core  IT  competency. 

Why  the  “virtual  organization”?  I  think  you 
have  to  really  challenge  yourself,  espe¬ 
cially  in  austere  times,  to  be  a  good 
portfolio  manager  and  make  effective 
use  of  any  discretionary  dollar  you’re 
allocated  by  your  business  partners. 

What  does  that  mean  in  IT?  It  means  that 
when  you  look  at  service  delivery,  any 
area  is  a  potential  jump  ball.  Any  area 
should  be  open  for  objective  review  to 
say,  “Is  this  a  core  competency  for  us? 
Do  we  have  competitive  cost  advan¬ 
tage  in  doing  this?  Are  we  investing  in 
continuous  improvement  in  this  ser¬ 
vice  area?  Is  it  a  long-term  differentia¬ 
tor,  and  what’s  the  state  of  the  com¬ 
mercial  market?”  You  look  at  those  cri¬ 
teria  and  challenge  yourself  about 
what  businesses  you  should  be  in  from 
a  support  perspective. 

What  did  you  find?  That  journey  has  al¬ 
lowed  us  to  make  a  number  of  strategic 
decisions  around  partnership.  I  proba¬ 
bly  have  16  to  18  major  service  partner¬ 
ships  [see  chart,  page  49],  Some  of  the 


older  deals  were  probably  some  of  the 
most  painful  lessons  we  had,  but  the 
good  news  is  we’re  smarter  now.  We’ve 
matured.  And  I  think  it  represents 
long-term  transformation  around  ser¬ 
vice  delivery  for  Merrill. 

What  are  you  looking  for  in  these  relation¬ 
ships?  We’d  like  to  have  a  more  variable 
cost  base  in  our  organization.  We  want 
to  constantly  reduce  the  unit  cost  of 
service  delivery,  and  we  want  to  deliv¬ 
er  acceptable  service  at  the  right  price. 

What  are  some  of  the  things  you’ve  learned? 

Some  of  this  stuff  is  classic  score-card¬ 
ing:  clearly  understood  service-level 
agreements,  carrot-and-stick  elements 
of  financial  rewards  related  to  impor¬ 
tant  metrics.  The  other  things  we’ve 
learned  are  the  importance  of  bench¬ 
marking  your  relationships  in  terms  of 
value  delivery.  There  are  other  metrics 
related  to  total  cost  of  service  delivery, 
[such  as]  service  expense  as  a  percent¬ 
age  of  revenue,  to  be  sure  that  you’re 
responding  to  top-line  pressures  as 
well.  And  you  have  to  have  the  right 
variability  of  your  cost  base  to  deal 
with  cyclicality  of  your  industry. 


Are  there  any  subjective  measures?  We 

Continued  on  page  49 
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Continued  from  page  46 
have  softer  measures  around  cate¬ 
gories  like  partnership  and  innovation. 
When  you’re  dealing  with  top-tier 
technology  providers,  you  want  to  ride 
the  innovation  wave  and  the  R&D  in¬ 
vestments  that  they’re  doing.  The  next 
layer  is  more  granular  feedback  at  the 
key  executive  level. 

How  does  that  work?  The  goal  is  to  be 
able  to  sit  down  with  an  account  exec¬ 
utive  and  say,  “Here  are  the  senior 
people  that  face  off  to  us  from  you. 
Here’s  how  they  are  perceived  on  a 
trended  basis.”  Is  the  level  of  trust  and 
the  perception  of  service  going  up,  or 
is  it  going  down?  That’s  important,  be¬ 
cause  it’s  the  key  individuals  that 
make  a  partnership  work.  I  think  it 
will  work  to  the  vendor’s  benefit  as 
well,  because  they  will  know  the  peo¬ 
ple  that  resonate  with  us  and  the 
people  that  don’t.  And  in  a  multiyear 
partnership,  it’s  critical  to  stay  on 
top  of  that. 

What  are  some  of  the  other  things  that  you 
have  to  get  right?  One  is,  you  can’t  out¬ 
source  a  problem.  If  you  go  back  and 
diagnose  where  partnerships  have 
failed,  it’s  when  somebody  has  taken 
their  mess  and  viewed  outsourcing  as 
abdication  of  ownership.  That’s  always 
been  a  failure.  That’s  meant  that  we 
have  to  hold  ourselves  up  from  a  rigor 
perspective  to  higher  standards. 

What  have  you  done?  You  have  to  make 
the  right  type  of  investments  on  your 
side  on  methods  and  processes  and  en¬ 
sure  that  you’re  not  holding  the  vendor 
accountable  to  the  platinum  standard, 
while  you’re  operating  to  the  bronze. 

Give  me  an  example.  It’s  been  straightfor¬ 
ward  things,  like  the  implementation 
of  MSF  [Microsoft  Solutions  Frame¬ 
work]  as  our  application  development 
methodology.  And  then  on  the  opera¬ 
tions  side,  we’ve  used  their  operations 
framework,  MOF.  And  that’s  helped  us  I 
internally  to  get  more  consistency  of 
terminology,  roles,  processes,  but  the 
second  benefit  of  that  is  that  we’re 
easier  to  do  business  with.  With  my 
offshore  partners,  poorly  structured 
projects  never  work.  But  when  we 
have  structure,  we  get  good  yield  in 
terms  of  project  success  rate,  and 
we’re  also  able  to  tap  into  that  lower-  I 
cost  labor  pool. 

How  do  you  deal  with  service  problems? 

Our  ultimate  tenet  is  it’s  not  closed  un¬ 
til  the  root-cause  analysis  is  done.  It’s 
not  sufficient  for  a  vendor  to  say,  “You 
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had  a  problem  yesterday;  it’s  fixed.” 
That  won’t  be  closed  from  our  per¬ 
spective  until  [the  vendor]  has  gone 
back  and  understood  and  articulated  to 
us  what  the  root  cause  that  led  to  that 
incident  was  and  what  they  are  doing 
to  address  the  root  cause. 

How  do  vendors  feel  about  that?  That  dis¬ 
cipline  has  been  painful  at  times. 

We’ve  had  some  push  back  early  on  be¬ 
cause  they  say,  “Just  manage  us  to  a 
service-level  agreement.  Treat  it  like  a 
black  box;  you  can’t  look  inside.”  But 
we  don’t  believe  that’s  the  way  a  part¬ 
nership  works. 


IT  Problem  Resolution 
At  Merrill  Lynch 

In  a  traditional  straight-through  process  (which 
reads  left  to  right  and  in  blue  in  the  diagram),  the 
vendor  fixes  a  problem  and  the  status  returns  to 
normal.  Merrill  Lynch  reports  a  problem  (1)  and 
then  requires  that  the  vendor  analyze  the  root 
cause  of  the  problem  (2),  address  it  (3)  and  re¬ 
port  back  (4).  Only  then  is  the  incident  closed, 
and  the  status  returns  to  normal. 


VENDOR 

— —  MERRILL  LYNCH 
—  STRAIGHT-THROUGH  PROCESS 


How  have  you  actually  been  developing  IT 
managers  within  this  new  framework?  It’s 
been  a  variety  of  things:  consistent  ex¬ 
posure  to  best  practices,  using  strate¬ 
gic  negotiations  for  large  outsourcing 
deals  as  a  talent  development  opportu¬ 
nity  for  emerging  players,  bringing  in 
external  best  practices  from  the  acade¬ 
mic  and  vendor  communities  and  from 
people  who  have  been  down  this  path 
or  are  going  down  the  path  in  parallel. 
It’s  also  the  multiyear  commitments 
we’ve  made  to  consistent  process  with¬ 
in  the  organization.  Finally,  it’s  work¬ 
ing  with  our  peers  on  [Wall]  Street  to 


share  things  that  we  think  aren’t  neces 
sarily  proprietary  secrets  where  we 
can  all  benefit. 

When  you  establish  a  relationship  and  some 
IT  manager  is  going  to  manage  it,  where 
does  that  person  typically  come  from?  Nor¬ 
mally  they’re  a  seasoned  veteran,  so 
they  bring  with  them  a  fair  amount  of 
diverse  experiences.  They  have  been 
in  varying  roles  that  have  given  them 
day-to-day  interaction  with  external 
providers.  It  might  have  been  a  part¬ 
nership  with  a  commercial  software 
company  to  implement  a  CRM  solu¬ 
tion  or  whatever.  But  they  have  a  bit  of 
muscle  memory  that  we  can  leverage. 

Some  of  the  best  we  have  are  also 
very  good  from  a  sourcing  perspective. 
They’ve  been  involved  in  strategic  ne¬ 
gotiations  on  large  deals  in  the  organi¬ 
zation,  so  they  understand  the  rigor 
and  the  depth  you  need  to  have  with 
relationship  management  to  make  a 
viable  long-term  partnership  work. 
Sometimes  we  give  it  to  our  high  po¬ 
tentials,  because  it’s  a  great  develop¬ 
ment  opportunity. 

Sink  or  swim.  Yes.  But  it  gives  them  a 
great  exposure  to  what  I  think  is  im¬ 
plicitly  an  absolutely  critical  compe¬ 
tency  for  our  profession. 

What  has  been  the  hardest  part  of  this  chal¬ 
lenge?  Transitioning  our  current  base 
of  suppliers  and  getting  them  to  em¬ 
brace  the  practices  and  not  assuming  a 
defensive  posture  when  we’re  trying  to 
implement  some  of  this.  It’s  tough,  be¬ 
cause  we’re  a  tough  client  as  is,  and 
now  we’re  talking  about  even  more. 
[They  wonder  if]  we’re  asking  them 
as  vendors  to  give  us  more  ammo  to 
come  in  and  abuse  them  the  next  time 
we  get  together.  They  worry,  but  when 
you  get  them  through  that  moment  and 
you’re  six  months  into  this,  I  think  they 
understand  and  appreciate  some  of  the 
value  they  get. 

What  is  the  value  for  the  vendors?  There’s 
absolutely  nothing  worse  for  a  vendor 
than  to  bring  in  their  national  manager 
to  talk  about  the  state  of  the  union  and 
get  the  surprise  of  their  life  when  they 
hear  the  litany  of  woes  about  all  the 
things  they’re  not  doing.  Here,  there 
are  no  surprises,  and  I  think  that  bene¬ 
fits  them.  And  problems  don’t  age 
when  you  have  an  infrastructure  like 
this.  Aged  problems  are  when  ill  will 
and  reputational  risk  come  into  play. 

The  nice  part  here  is  it  allows  them  to 
understand  the  hot  spots  in  the  rela¬ 
tionship  at  any  point  so  they  can  get  on 
top  of  them  on  a  timely  basis. 


Selected  Partners 
In  Merrill  Lynch’s 
Virtual  Organization 

AT&T  Corp.  Domestic  wide- 
area  network 

Cable  &  Wireless  Pt.C  Web  hosting 

The  Bank  of  New  York  Co.  Back- 
office  systems  for  Merrill  Lynch  invest¬ 
ment  managers 

Bloomberg  LP  Debt-trading  systems 

Multex.com  Inc.  Research 
distribution 

Barra  Inc.  Risk  analytics 

Unisys  Corp.  European  desktops 

IBM  U.S.  desktops 

Pershing  U.K.  clearing  services  for 
international  private  client  group 

Storage  Networks  Inc.  Storage 

State  Street  Corp.  Merrill  Lynch 
investment  managers’  middle  office 
and  fund  accounting 

Yahoo  Inc.  Digital  media  hosting  and 
distribution 

In  India,  for  application 
development,  maintenance  and 
infrastructure: 

Tata  Consultancy  Services 

SSI  Technologies 

Covansys  Corp. 

Satyam  Computer  Services  Ltd. 


You’ve  been  talking  a  lot  about  metrics.  What 
kinds  of  results  are  you  seeing  from  having 
these  processes  in  place?  The  most  im¬ 
portant  one  is  that  we  are  actually 
achieving  the  savings  that  we  forecast 
with  the  partnerships,  and  we’re  doing 
it  within  acceptable  boundaries  of 
quality  of  service.  Ultimately,  that’s 
success. 

What  have  you  learned?  The  idea  of  em¬ 
bracing  all  these  partnerships  is  a  no¬ 
regret  decision.  Had  I  deluded  myself 
and  thought  that  all  these  areas  were 
core  competencies  and  kept  all  that 
capacity  internally,  I  would  have  had 
much  less  capacity  to  do  things  that 
have  had  true  strategic  value  in  the 
eyes  of  our  business  partners.  N 


Melymuka  is  a  Computerworld 
contributing  writer.  Contact  her  at 
kmelymuka@earthlink.net. 
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To  truly  merge  tech¬ 
nology  and  business 
objectives,  com¬ 
panies  are  cross¬ 
training  workers  to 
the  point  where  it’s 
not  always  easy  to 
tell  their  sales  reps 
from  their  IT  pros. 

By  Melissa  Solomon 

At  the  start  of  each  semester, 

Harvard  Business  School  professor 
Rob  Austin  draws  two  circles  on  the 
blackboard.  He  labels  one  “busi¬ 
ness,”  and  the  other  “IT.”  With  his 
chalk,  he  directs  his  students’  atten¬ 
tion  to  the  spot  in  the  center  where  the  two  intersect. 

“If  you  can  live  in  that  space,  you  will  have  a  job 
forever,”  says  Austin,  who  teaches  technology  and 
operations  and  is  a  consultant  at  Arlington,  Mass.- 
based  Cutter  Consortium. 

It  has  almost  developed  into  a  mantra  within  com¬ 
panies  during  the  past  several  years:  For  technology 
to  be  effective,  IT  workers  need  to  understand  the 
business  objectives.  But  while  many  managers  look 
for  business  know-how  when  hiring  IT  workers, 
there  is  still  only  a  minority  of  companies  that  have 
well-developed  training  programs  in  place  to  hone 
workers’  skills  on  both  sides  of  the  fence. 

WW.  Grainger  Inc.,  a  $4.8  billion  distributor  of 
business  maintenance  products  in  Lake  Forest,  Ill., 
has  created  a  cross-discipline  movement  designed  to 
get  IT  workers  thinking  strategically  about  the  vari¬ 
ous  parts  of  the  business. 

“One  thing  is  for  sure:  Cross-training  will  get  you 
out  of  your  comfort  zone,”  says  Tim  Ferrarell,  senior 
vice  president  of  enterprise  systems.  Since  joining 
Grainger  20  years  ago,  Ferrarell  has  moved  from 
positions  in  product  management  and  marketing 
to  business  planning  and  on  to  his  current  role 
in  IT.  Moving  into  new  roles  has  forced  him  to  face 
and  conquer  the  unknown,  Ferrarell  says.  But  it  can  be 
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difficult  to  effectively  lead  a  team  that  knows  you’re  a 
rookie  who’s  just  learning  the  ropes  in  your  latest  role. 

One  lesson  learned:  “Get  comfortable  with 
saying,  ‘I  don’t  know  but  will  find  out,’  ”  Ferrarell 
advises.  “The  old  saying  ‘Fake  it  till  you  make  it’ 
doesn’t  work,  particularly  with  the  technical  team.” 

With  the  goal  of  infusing  IT  and  non-IT  managers 
with  the  ability  to  think  strategically  and  understand 
how  each  aspect  of  the  business  affects  all  the  other 
parts,  Grainger  regularly  moves  managers  across  dis¬ 
ciplines  —  from  marketing  to  IT,  from  field  office 
work  to  corporate  office  work,  from  regional  sales 
offices  to  distribution  centers  —  as  a  sort  of  training- 
under-fire  program. 


Individual  Paths 

Each  Grainger  employee  has  a  customized  profes¬ 
sional  development  plan,  and  they’re  assigned  new 
roles  to  gain  the  skills  they  need.  The  length  of  time 
in  each  role  varies,  depending  on  the  specific  skills 
and  experience  the  worker  needs  to  attain.  After 
completing  a  stint  in  a  particular  department,  some 
workers  return  to  their  original  jobs,  while  others 
may  go  to  yet  another  department. 

To  learn  how  technology  can  further  Grainger’s 
business  objectives,  Ferrarell  shifted  from  an  execu¬ 
tive  role  in  marketing  to  his  current  one  in  IT.  On 
the  flip  side,  the  vice  president  who  previously  ran 
the  IT  department  at  Grainger  is  now  the  company’s 
executive  vice  president  of  marketing  and  sales. 

To  supplement  the  on-the-job  training,  Grainger 
has  an  in-house  program  supplemented  by  consult¬ 
ing  services  from  the  Colorado  Springs-based  Center 
for  Creative  Leadership.  Together,  the  two  programs 
offer  all  employees  some  lessons  about  specific 
pieces  of  the  business  —  something  training  experts 
say  is  rare.  For  example,  the  training  center  offers 
workers  from  all  areas  of  the  company  courses  on 
topics  ranging  from  supply  chains  to  customer  ser¬ 
vice  to  marketing.  It  also  has  an  in-house  executive 
education  program  based  on  Grainger’s  strategy. 

“I’d  say  it’s  invaluable,”  Ferrarell  says  of  Grainger’s 
cross-training  culture.  He  says  he’s  always  appreciated 
the  company’s  strategy,  but  since  moving  to  IT  earlier 
this  year,  he  better  understands  how  to  put  that  strat¬ 
egy  into  operation.  For  instance,  he  has  spent  much  of 
the  past  year  learning  about  how  to  get  the  most  out 
of  Grainger’s  SAP  enterprise  resource  planning  sys¬ 
tem  to  make  the  business  run  more  efficiently. 

“Oftentimes,  people  confuse  training  with  exper¬ 
tise,”  he  says. 


The  Big  Picture 


A  March  2002  poll  by  online  publication  Gallup 
Management  Journal  found  that  only  31% 
of  workers  are  actually  engaged  in  their  jobs 
and  directly  contributing  to  the  goals  of  the 
company.  The  study  analyzed  psychometric,  attitudi- 
nal  and  financial  data  across  more  than  10,885  busi¬ 
ness  units  in  51  organizations  in  23  industries. 

So,  how  do  you  get  the  other  69%  en¬ 
gaged?  IT  managers  and  learning  experts 
say  the  key  is  to  give  workers  big-picture 
goals.  Rather  than  have  them  complete  a  set 


POLL 


of  tasks,  put  them  on  a  team  charged  with  fulfilling  a 
major  goal,  such  as  launching  a  new  product  or  creat¬ 
ing  new  customer  service  channels.  Then  give  them 
the  means  -  through  conferences,  workshops,  inter¬ 
nal  training  and  mentoring  programs  -  to  acquire  the 
skills  they  need  to  meet  those  goals. 

“It's  like  throwing  puzzle  pieces  at  people  without 
ever  showing  them  the  full  puzzle,"  says  Rich  Berens, 
executive  vice  president  of  client  services  at  Maumee, 


Ohio-based  Root  Learning  Inc.  and  a  former  director 
of  the  company’s  technology  service.  If  you  give 
employees  the  big  picture,  they’ll  come  to  their  own 
conclusions,  he  says.  “People  will  tolerate  your  con¬ 
clusions,  but  they  act  on  their  own.” 

Project-based  training  provides  motivation  and 
turns  learning  into  a  priority  for  workers,  says 
Harvard  Business  School  professor  Rob 
Austin.  IT  workers  in  a  finance  seminar  might 
question  why  they're  learning  about  credits 
and  debits,  but  if  it’s  applied  in  the  context 


of  the  $50  billion  enterprise  resource  planning  imple¬ 
mentation  being  launched  the  following  month,  it 
takes  on  new  meaning,  says  Austin.  The  benefits  of 
such  on-the-job  cross-training  via  cross-functional 
projects  can  be  tremendous.  When  you’re  at  a  project 
meeting  and  you  can’t  tell  who’s  in  sales  and  who’s  in 
IT,  you  know  that  your  cross-training  objectives  have 
been  met,  he  says. 

-  Melissa  Solomon 


At  North  field,  Ill.-based  Kraft  Foods  Inc.,  cross¬ 
training  is  very  much  an  out-of-classroom  experi¬ 
ence.  “Conferences  and  classes  and  reading  books 
will  never  make  you  an  expert  on  anything,”  says 
Margaret  Schweer,  director  of  human  resources  for 
information  systems  at  Kraft  Foods.  “Some  of  the 
most  powerful  learning  you’re  going  to 
have  is  in  the  context  of  the  job.” 

She  cites  some  of  Kraft’s  homegrown 
leaders  as  examples.  Mark  Johnson 
came  to  Kraft  with  a  bachelor’s  degree 
in  information  systems  but  spent  10 
years  selling  Kraft  products.  About  two 
years  ago,  he  took  an  application  devel¬ 
opment  job,  and  he’s  now  director  of  in¬ 
formation  systems  for  sales. 


PUTTING  THE 
PIECES  TOGETHER 


Training  for  IT  workers  at  Kaiser  Per- 
manente  goes  beyond  bits  and  bytes 
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‘We  have  a  lot  of  those  examples,”  says  Schweer. 
“That’s  not  unusual  for  us.” 

She  says  that  Kraft,  like  Grainger,  thinks  in  terms 
of  enhancing  employees’  capabilities  across  a  broad 
range  of  functional  business  areas  so  they  can  move 
from  job  to  job  or  department  to  department  based 
on  their  needs  and  the  needs  of  the  company.  Kraft 
has  a  yearlong  leadership  program  that  teaches 


prospective  IT  managers  accounting,  basic  finance 
and  industry-specific  facts.  It  also  teams  participants 
with  mentors  who  teach  them  about  the  business  and 
listen  to  their  views  from  a  technology  perspective. 

It  s  hard  to  have  a  truly  articulate  conversation 
about  technology  if  you  don’t  understand  the  busi- 

_  ness,”  says  Schweer. 

That’s  the  “last  mile”  of  software  de¬ 
velopment:  tying  technology  directly 
to  business  objectives,  says  Buzz  Mor- 
ley,  e-business  project  manager  at  Cole 
Haan,  a  Yarmouth,  Maine-based  shoe 
and  apparel  maker.  To  do  that,  it’s  not 
just  IT  workers  who  need  to  learn 
about  the  business.  Often,  business 
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workers  don’t  understand  even  basic  spreadsheet 
concepts,  so  they  have  trouble  using  the  available 
technology  to  meet  their  business  goals,  says  Morley. 

If  they  don’t  grasp  the  complexity  of  technology, 
business  managers  can  doom  projects  by  ignoring  or 
fast-forwarding  past  important  technological  issues 
that  could  create  problems  later  or  minimize  the 
benefits  of  a  project,  says  Harvard’s  Austin.  For 
example,  since  the  advent  of  Web  architecture,  sys¬ 
tems  have  grown  increasingly  complex.  There  are 
so  many  new  components  in  networks  that  there 
are  more  opportunities  to  gain  efficiencies. 

But  Austin  says  there  are  also  more  risks  that 
something  will  go  wrong.  Business  managers  who 
think  “you  kick  butt  to  make  a  project  work”  rather 
than  addressing  the  technology  complexities  as  they 
arise  can  hurt  a  project,  he  says,  because  they  can 
only  sweep  the  problems  under  the  rug  for  so  long. 

But  it’s  often  easier  to  teach  IT  workers  business 
skills  than  it  is  to  teach  nontechnical  people  tech¬ 
nology,  says  Austin. 

“There’s  less  of  an  eye-glazing  effect,”  he  says,  i 


Solomon  is  a  freelance  writer  in  New  York. 
Contact  her  at  melsolo70@hotmail.com. 
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U.K.  to  Toughen 
Privacy  Laws 

The  U.K.’s  Data  Protection  Com¬ 
mission  last  week  warned  that  it 
intends  to  step  up  enforcement  of 
the  Data  Protection  Act  of  1998 
and  take  a  proactive  stance  to¬ 
ward  investigating  business  com¬ 
pliance  with  privacy  rules.  En¬ 
forcement  of  the  law  has  been 
spotty  thus  far,  and  the  commis¬ 
sion  said  it  anticipates  that  its  ag¬ 
gressive  stance  will  lead  to  more 
sanctions  against  companies  that 
aren’t  in  compliance.  The  com¬ 
mission  has  set  up  an  enforce¬ 
ment  board  to  lead  the  effort. 

U.S.  companies  operating  in 
Europe  face  stringent  privacy  re¬ 
quirements  that  limit  the  sharing 
of  customer  data. 


New  CMM  Due  for 
Release  Next  Year 

Software  experts  at  Carnegie 
Mellon  University  are  working  on 
an  updated  version  of  the  Capa¬ 
bility  Maturity  Model  (CMM),  a 
widely  used  guide  for  improving 
software  development  and  man¬ 
agement  processes.  The  updated 
model  will  be  geared  toward  cor¬ 
porate  IT  organizations  and  com¬ 
mercial  software  developers,  said 
Jeff  Perdue,  the  head  of  the  proj¬ 
ect  at  the  Pittsburgh-based  uni¬ 
versity.  He  said  the  update  team 
is  seeking  input  on  the  revised 
model.  For  more  information,  go 
to  www.isri.cmu.edu/sw-cmm. 


JOHN  BERRY 


THERE’S  NO  DOUBT  that  Wal-Mart  is  an 

economic  powerhouse.  Many  trading  part¬ 
ners  have  felt  the  jackboot  of  the  retailer’s 
pricing  proposition.  The  spirit  of  its  stance 
is  this:  “Here’s  the  price  we’ll  pay  for  your 
product.  You  figure  out  how  to  make  it  profitably,  or 
we’ll  find  someone  else  who  can.”  It  could  be  called 
change  management  by  ultimatum. 


As  successful  as  Wal-Mart 
has  been  in  wringing  out  op¬ 
erational  inefficiencies  in  its 
suppliers  —  and  dealing 
with  the  economy  —  en¬ 
lightened  managers  know 
that  changing  business 
processes  and  people  pivots 
more  on  the  art  of  diploma¬ 
cy  and  persuasion  than  on 
coercion.  It  isn’t  in  a  manag¬ 
er’s  long-term  interest  to 
bully  employees  into  accept¬ 
ing  change  without  prepar¬ 
ing  them  for  it. 

Yet  too  often  the  opera¬ 
tional  and  strategic  change 
brought  about  by  software 
investment  is  overlooked  in  the  business 
case.  This  is  a  dangerous  oversight,  con¬ 
sidering  that  many  kinds  of  enterprise 
applications  re-engineer  business  proc¬ 
esses,  reorder  workflows  and  create  new 
job  functions  and  eliminate  others. 

Before  managers  can  embark  on  a 
change  management  exercise,  they  must 
not  only  identify  where  in  the  organiza¬ 
tion  change  will  occur,  but  also  antici¬ 
pate  how  the  change  will  impact  em¬ 
ployee  job  responsibilities.  As  it  hap¬ 
pens,  the  metrics  constructed  in  an  eco¬ 
nomic  assessment  value  model,  if  accu¬ 
rate,  will  reveal  these  phenomena.  Once 
a  preliminary  economic  model  is  built, 
managers  can  get  underneath  the  met¬ 
rics  to  think  hard  about  the  nature  of  the 
change  that  needs  to  happen  for  those 
benefits  to  materialize.  Ignoring  this  ex¬ 
ercise  guarantees  dashed  expectations 
around  the  economic  returns  of  a  soft¬ 


ware  investment. 

Back  to  retail.  Let’s  as¬ 
sume  that  a  manufacturer 
wants  to  invest  in  a  compre¬ 
hensive  suite  of  supply 
chain  modules  to  work  col- 
laboratively  with  its  trading 
partners  in  order  to  elimi¬ 
nate  supply  chain  inefficien¬ 
cies.  Here  are  some  of  the 
metrics  that  grow  out  of  an 
economic  value  model,  and 
the  change  they  reflect: 

■  A  manufacturer  can 
dramatically  reduce  its  held 
finished  goods  inventory  in 
a  collaborative  supply  chain 
environment.  What’s  the  as¬ 
sumed  change?  Retailers  have  to  extend 
their  short-order  cycles  to  better  align 
with  longer  manufacturing  cycles.  Are 
they  prepared  to  do  this  if  it  means  car¬ 
rying  more  items  for  a  somewhat  longer 
period  of  time? 

■  Working  capital  efficiency  can  im¬ 
prove  if  the  manufacturer  can  better 
manage  its  raw  material  inventories. 

The  assumed  change  is  that  the  retailers 
share  proprietary  information  about 
customer  behavior  with  the  manufactur¬ 
er  at  the  point  of  sale,  since  coordinated 
supply  chain  value  derives  fundamental¬ 
ly  from  a  universal  view  of  customers. 
Given  this,  the  manufacturer  and  retail¬ 
ers  must  also  build  in  organizationally 
collaborative  processes  to  plan  for  fu¬ 
ture  customer  demand.  This  is  called 
trust  and  cooperation. 

■  The  economic  model  also  reveals  a 
host  of  other  metrics-based  benefits: 


better  asset  utilization  because  of  tight 
collaboration  with  retailers,  a  reduction 
in  the  incidence  of  out-of-stock  items, 
and  increased  revenue  due  to  retailers’ 
smarter  merchandising  and  planning  of 
promotional  events  through  their  de¬ 
ployment  of  supply  chain  applications. 
The  assumed  change?  One  is  that  your 
manufacturing  rep,  retained  to  earn 
commission  on  sales  to  this  particular 
retailer,  is  loving  all  this. 

Most  reps  are  independent  contrac¬ 
tors  who  sell  a  range  of  complementary 
items  to  retailers  from  different  manu¬ 
facturers.  But  life  may  be  very  different 
after  an  IT-enabled  scenario  in  which 
manufacturer  and  retailer  are  joined  at 
the  cash  register.  In  the  rare  case  where 
a  large  manufacturer  employs  reps,  how 
can  it  deploy  their  knowledge  and  skills 
to  other  activities  when  at  least  some  of 
their  job  functions  have  been  automat¬ 
ed?  On  a  basic  level,  a  rep  may  spend  far 
less  time  traveling  to  stores  and  talking 
up  additional  sales,  and  a  lot  more  time 
sitting  in  front  of  the  application  trying 
to  help  retailers  with  a  strategy  for  more 
sales  to  their  customers. 

These  examples  might  represent  a 
fraction  of  the  change  wrought  by  col¬ 
laborative  supply  chain  management. 
Whether  any  of  these  specific  scenarios 
come  to  pass  is  less  important  than  the 
idea  that  because  change  is  inevitable, 
the  economic  model  might  be  the  best 
place  to  clarify  thinking  about  the  impli¬ 
cations  of  the  technology  investment. 
Once  you  have  completely  articulated 
the  nature  and  degree  of  change,  you 
can  adjust  your  economic  model  to  re¬ 
flect  the  risks,  costs  and  time  in  prepar¬ 
ing  for  this  reality.  You  now  have  a  fully 
loaded  model  to  present  to  executives. 

And  if  you  hire  a  change  management 
guru,  hand  him  the  economic  model 
with  all  the  metrics  that  whisper  im¬ 
pending  change  and  say,  “Start  here.”  He 
might  find  your  preparation  a  welcome 
change.  I 
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john  berry  is  an  IT  man¬ 
agement  consultant  and 
analyst  In  Bend,  Ore. 
He's  currently  writing  a 
book  about  the  mea¬ 
surement  of  intangible 
assets.  Contact  him  at 
vision@accordmg2jb.com . 
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to  Way4  customer  for  life. 

He  anticipates  his  events’  every  need.  He  expects  the  same.  And  that's  just 
what  happened  when^yYjlliaip’s  credit  card  company  detected  a  suspicious 
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charge.  Since  his  cellphone  ^  activated  on  the  network,  the  bank  could  get 
to  him  immediately  with  lcopy  of  the  transaction.  The  charge  was  legit. 
Yep,  he  was  spared  theihassle  of  his  card  refused  in  front  of  clients  at  the 
clubhouse.  At  Nortel  Networks™  we  call  this  "the  engaged  business 
model."  And  we  make  it  possible  by  enabling  business  to  engage  their 
customers  through  delivering  critical,  time-sensitive  information  on 
whatever  device  they  prefer.  Before  they  even  know  they  need  it.  So 
businesses  can  win  the  loyalty  necessary  to  build  a  solid  revenue  base. 
Leveraging  solutions  like  contact  centers  and  application-aware 
switching.  Insuring  user  mobility  and  network  continuity.  Accelerating 
productivity  while  lowering  costs.  The  results:  customers  like  William 
become  customers  for  life.  All  delivered  by  our  enterprise  vision.  One 
network.  A  world  of  choice,  nortelnetworks.com/onenetwork 
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IT  Director-Atrica,  a  leading 
provider  of  Optical  Ethernet 
solutions,  is  looking  for  qualified 
applicants  for  the  position  of 
IT  Director.  Will  oversee  the 
company’s  technical  direction  for 
product  development,  and  direct 
development  of  internal  IT  infra¬ 
structure.  Requires  experience 
directing  technical  operations  & 
systems  development.  Please 
forward  resume  to:  Atrica,  Inc., 
attn:  Lynnette  Fisher,  3255-3 
Scott  Blvd.,  Santa  Clara,  CA 
95054;  fax  (408)  982-1921 ;  or  e- 
mail:  jobs@atrica.com  Visit  our 
website  at  http://www.atrica.com 
EOE 


SnapStream  Media,  Inc.  is  a 
leading  developer  of  digital  en¬ 
tertainment  software  and  appli¬ 
cations  paving  the  way  for  the 
streamlined  digital  connection 
between  networking  technology 
and  digital  devices  as  well  as 
PC's.  Our  company  currently  has 
openings  for  the  following: 

Systems  Analysts:  Analyze,  de¬ 
sign,  develop,  test,  and  implement 
computer  applications  for  digital 
media  using  XML,  C++,  SOAP, 
and  DirectX.  Create,  edit,  and 
enhance  test  applications  using 
Windows  Programming,  Windows 
Applications  Programmer  Inter¬ 
face,  VB  Scripting,  and  Windows 
Media  Software  Development  Kit. 
Candidate  will  be  responsible  for 
implementing  release  build  pro¬ 
cedures  throughout  the  life  cycle 
and  compose  final  production  re¬ 
leases  using  Wise  for  Windows 
Installer  and  Microsoft  ORCA 
database  tool.  Perform  user  ac¬ 
ceptance  testing,  regression, 
and  functional  testing  using  Em- 
pirix  E-tester.  Requires  a  Bach¬ 
elor's  in  Computer  Science  or  a 
related  field  and  1  year  of  expe¬ 
rience. 

Send  resume  to:  ATTN:  Mr.  Rakesh 
Agrawal,  C.E.O.,  Snapstream 
Media,  Inc.,  6730  Long  Drive, 
Houston,  TX.  77087  or  via  email 
at:  recruit@snapstream.com 


Desmac  Corporation,  is  an  IT 
and  computer  software  firm  spe¬ 
cializing  in  data  driven  business 
applications  including,  Internet, 
Intranet,  client-server,  sales  force 
automation,  and  E-commerce 
applications.  Our  company  cur¬ 
rently  has  openings  for  the 
following: 

Programmer  Analysts:  Plan,  test 
and  develop  Internet  based  pro¬ 
grams  for  ERP,  customer  relation¬ 
ship  management,  sales  force 
automation,  and  E-commerce 
using  SOAP  and  XML-remote 
procedure  call.  Design  and  de¬ 
velop  applications  using  .Net, 
Visual  Studio,  Advanced  Reve¬ 
lation,  Java,  and  Flash  on  Oracle 
and  SQL  Server  databases.  In¬ 
teract  with  clients  to  design  the 
functions  of  software  according 
to  client  specifications.  Requires 
Bachelor's  degree  in  Engineer¬ 
ing  or  a  related  field  and  2  years 
of  experience. 

Send  Resume  to:  ATTN:  Mr.  Yaron 
Pacht,  President,  Desmac 
Corporation,  1605  S.  Parkway, 
Suite  105,  Sugar  Land,  TX 
77478  or  via  e-mail  at:  hrjobs 
@  desmac.com 


Computer  Systems  Analyst  - 
Des  Moines,  Iowa:  Design, 
Develop  and  Implement  the  next 
generation  IP  platforms  using 
tools  and  software  such  as  Java, 
C,  C++with  back  end  Oracle, 
SQL,  Sybase  databases  to 
implement  the  next  generation 
IP  platforms  suchas  Unix,  windows 
to  provide  an  integrated  man¬ 
agement  system.  Bach  Degree 
in  Comp.  Science,  Math  or  Engg 
w/2  yrs  of  exp.  in  job  offered  or 
as  Programmer  Analyst/Systems 
Analyst  reqd.  M-F;  9.30AM-6PM. 
$76000/yr.  Send  two  resumes  to: 
#Job  Order  Number  1101619, 
Iowa  Workforce  Center,  215 
Watson  Powell,  Jr.  Way.  Des 
Moines,  Iowa  50309-1727. 


CyberSoft  Technologies,  Inc.  is  a 
rapidly  growing  computer  busi¬ 
ness  system  and  technology  so¬ 
lutions  provider  specializing  in 
Web-based  solutions,  web  inte¬ 
gration,  databases,  data  ware¬ 
housing,  CRM,  CTI,  and  knowl¬ 
edge  management.  Cybersoft 
currently  has  openings  for  the 
following: 

Systems  Analysts:  To  analyze, 
design,  develop,  implement,  and 
test  web  applications  using  web 
design  and  interface  tools  Illus¬ 
trator,  Fireworks,  and  Cascading 
Style  Sheets,  as  well  as  Active 
Server  Pages,  .NET,  Oracle, 
Sybase,  VC++,  EJB,  WebLogic, 
C  Sharp,  and  Seagate  Crystal 
Reports,  UNIX  and  LINUX  oper¬ 
ating  systems.  Candidate  must 
be  able  to  use  functional  knowl¬ 
edge  of  web-based  applications 
and  database  structure  for  appli¬ 
cation  development  and  installa¬ 
tion.  Need  Bachelor's  degree  in 
Computer  Science  or  a  related 
field.  Need  2+  years  of  experi¬ 
ence. 

Send  resume  to:  ATTN:  Human 
Resources:  Cybersoft  Technolo¬ 
gies,  Inc.,  4420  FM  1960  West, 
Suite  #222,  Houston,  TX  77068- 
3411  or  via  email:  infomaster 
@  cy  be  rsofttech  .com 


Senior  Principal  Engineer  -  CCBS; 
Dulles,  Virginia:  Provide  technical 
customer  support  for  US  &  inter¬ 
national  users  of  the  five  in¬ 
stances  of  the  Customer  Care  & 
Billing  System  (CCBS)  &  its 
interfaces  to  the  relevant  media¬ 
tion  devices  &  switches.  Analyze 
&  determine  which  system,  data¬ 
base,  business  process  or  inter¬ 
face  has  caused  the  problem  & 
provide  solutions.  Create  scripts 
to  fix  or  monitor  the  databases. 
Provide  guidance  &  recommen¬ 
dations  regarding  business  prac¬ 
tice  modifications.  Work  with 
switch  &  mediation  device  engi¬ 
neers  &  technical  users  worm¬ 
wide  to  test  &  implement  CCBS. 
Apply  knowledge  of  Oracle  and 
UNiX  systems,  GUI,  switch  & 
mediation  device  databases  &  all 
of  the  business  processes  of  the 
billing,  invoicing  and  provisioning 
systems.  Bachelor's  degree  or 
equivalent  in  Electrical  Engi¬ 
neering  or  a  closely  related 
field. &  6  yrs  exp.  in  the  position 
offered  or  in  a  systems  engi¬ 
neering  position  two  yrs  of  which 
must  have  been  in  the  telecom¬ 
munications  industry.  6  yrs  exp. 
must  include  at  least  two  yrs  exp 
with  switch  protocols,  mediation 
devices,  oracle  databases,  tele¬ 
com  products  &  billing  systems 
&  billing  product  development. 
40  hrs  per  wk,  domestic  &  int'l 
travel  required  (25%).  Send 
resume  to  Carrie  Carr-Main, 
ORBCOMM,  21700,  Atlantic 
Boulevard,  Dulles,  VA  20166 


Software  Engineer  Needed  to 
develop  middle-ware  components 
for  real-time  management  and 
testing  of  various  network 
devices  utilizing  a  common 
platform  to  manage  CDMA, 
TDMA,  GSM  and  other  environ¬ 
ments.  MS  in  C.  Science  or 
related  field  &  programming 
experience  in  Java,  XML,  CORBA, 
Visibroker  required.  Send  resumes 
/salary  history  to:  Alexander 
Gavrilov,  SoftTrend,  Inc.,  6160 
N.  Cicero,  Suite  124,  Chicago,  IL 
60646. 


Chief  Computer  Programmer: 
Plan,  develop,  program,  test  & 
document  computer  programs 
using  structured  analysis;  ana¬ 
lyze  &  write  detailed  program 
specifications;  design  &  deploy 
systems  using  Sterling’s  COOL: 
GEN.  Oracle  9iAS,  Oracle 
Designer  6i,  &  Oracle  Developer 
6i.  Req.  BS  in  CS  or  related  or 
foreign  equiv  degree  plus  4  yr 
work  exp.  Hrs:  8a-5p,  M-F.  Send 
resume  to  Moorecroft  Systems 
202  Abbey  Ct.,  Alpharetta,  GA 
30004  Ref  ST. 


PROGRAMMER  ANALYST 
To  work  in  various  unanticipated 
locations  throughout  the  U.S. 
Duties:  Analyze,  develop,  test  and 
document  computer  programs 
including  business  applications 
and  network  communication  pro¬ 
grams.  Evaluate  user  requests 
and  software  program  require¬ 
ments  for  new  and  modified  pro¬ 
grams.  Write  specifications,  code, 
test  and  debug  computer  pro¬ 
grams.  Use  of  Oracle,  Oracle 
Database,  Developer  2000,  HTML, 
TOAD  and  Windows  NT.  Bachelor’s 
degree  in  Computer  Science, 
Computer  Applications  or  Math¬ 
ematics,  plus  1  year  in  the  job 
offered  or  1  year  in  a  related 
occupation  including  Systems 
Analyst  or  Programmer.  40  Hrs/wk, 
9AM-6PM,  $51,910.00/yr.  Must 
have  proof  of  legal  authority  to 
work  in  the  United  States.  Send 
your  resume  to  Iowa  Workforce 
Center,  902  W.  Kimberly  Road, 
Suite  51,  Davenport,  IA  51806- 
5783.  Please  refer  to  Job  Order 
IA1101624.  Employer  paid  ad¬ 
vertisement. 


E  Computer  Technologies,  Inc., 
is  a  computer  and  technology 
solutions  provider  of  business- 
to-business  and  E-commerce 
application  implementation  and 
integration  services  specializing 
in  E-purchasing  systems.  Our 
company  currently  has  openings 
for  the  following: 

Programmer  Analyst:  Analyze, 
design,  develop,  test,  and  imple¬ 
ment  B2B,  Enterprise  Resource 
Planning,  and  Customer  Rela¬ 
tionship  Management  technolo¬ 
gies  and  applications  using  Oracle 
on  UNiX,  and  IBM  mainframe 
with  Customer  Information  Control 
System,  Job  Control  Language, 
COBOL  II,  SQL,  and  DB2  data¬ 
base  on  Multiple  Virtual  Storage 
/Enterprise  System  Architecture. 
Conduct  requirements  analysis 
and  perform  unit,  functional,  in¬ 
tegration  and  system  testing 
of  the  converted  applications. 
Interact  with  clients  to  design  the 
functions  of  software  according 
to  client  specifications.  Need 
Bachelor's  degree  in  Computers, 
Engineering,  or  related  field  and 
2  years  of  experience. 

Send  Resume  to:  Mr.  Ravi  Kumar 
Gadde,  Sr.  Systems  Analyst,  E 
Computer  Technologies,  Inc., 
777  S.  Central  Expressway,  Ste 
#4-F,  Richardson,  TX  or  via  e-mail 
at:  jobs@ecomputertech.com 


MindTree  Consulting,  an  expand¬ 
ing  IT  consulting  company  offering 
product  realization  services  to 
Internet  infrastructure  and  device 
vendors,  is  searching  for  qualified 
IT  professionals  to  join  its  growing 
team.  Presently,  we  have  posi¬ 
tions  for  Network  Administrators 
and  Software  Consultants.  Ex¬ 
perience  with  Cisco  Router, 
Compaq  servers,  Implemented 
Checkpoint  network  security  fire¬ 
walls,  Rational  Rose,  iPlanet 
Webserver,  Sun  Microsystem's 
J2EE  architecture  desired.  Qual¬ 
ified  applicants  will  have  a  bach¬ 
elor's  degree  in  a  relevant  field 
and  qualifying  industry  experi¬ 
ence.  Positions  may  require 
relocation  to  various  client  sites 
throughout  the  United  States. 
Qualified  applicants  submit 
resumes  to  HR  Department,  The 
Tower  at  270  Davidson  Avenue, 
Suite  305,  Somerset,  NJ  08873. 


Lead  BW  Analyst  -  Prov  tech 
suppt  for  Data  Warehouse  initia¬ 
tives  using  SAP's  BW  s/w. 
Analyze,  design,  develop,  imple¬ 
ment  &  suppt  SAP  R/3  &  BW 
Rptg  solutions  using  SAP  BW 
database  designs,  data  modeling, 
relational  databases,  OLAP,  SQL 
&  visual  development  environ¬ 
ments.  Bach's  deg  in  Comp  Sci, 
Physics  or  Engrg  reqd  +  4 
yrs  exp  in  job.  Fax  resumes  to: 
201-825-7567. 


Tekstrategy  Inc.  is  a  leading  in¬ 
formation  technology  and  soft¬ 
ware  development  firm  delivering 
customized  technology  products 
and  services  to  businesses 
worldwide.  We  are  presently 
looking  for  the  following: 

Software  Engineers:  To  design, 
develop,  maintain  and  implement 
product  design  and  manufactur¬ 
ing  applications  using  Oracle 
Developer,  Peoplecode,  SQR, 
and  C++  on  UNIX  and  Windows 
Operating  Systems.  Develop, 
test,  and  maintain  interfaces  be¬ 
tween  Grade  and  legacy  systems 
using  Triggers,  data  administra¬ 
tion  operation  tools,  object  security, 
reporting  tools  used  for  Oracle 
Financials,  and  tree  manager 
Peopiesoft  query.  Need  Bachelor's 
in  Computer  Science  or  Engi¬ 
neering.  Need  4  years  of  experi¬ 
ence. 

Send  resume  to:  Venkat  Iyer, 
Tekstrategy  Inc.,  5024  Nautica 
Lake  Circle,  Green  Acres,  FL 
33463,  or  via  e-mail:  viyer@ 
tekstrategy.com 


Strongsville  Software  Co.  needs 
Project  Engineer  to  be  responsible 
for  assisting  in  the  adaptation 
/modification  of  state  of  the  art 
machine  control  software  pack¬ 
ages  for  company's  require¬ 
ments;  assist  in  the  designing, 
adaptation,  modification,  testing, 
implementation,  installation,  and 
service  of  equipment  and  soft¬ 
ware  in  customer's  facilities,  under 
the  supervision  of  the  engineer; 
assist  in  providing  customer  sup¬ 
port  for  PC  hardware  and  soft¬ 
ware,  interoffice  training  and 
customer  training  on  software 
developed  by  the  company,  under 
the  supervision  of  the  engineer. 
Bachelor's  Degree  in  Applied 
Mathematics  (or  equiv)  and  min. 
3  months  in-job/job  related  exp 
is  required.  Exp  must  include 
work  with  RSLINX,  RSVIEW, 
RSLOGIX,  Autocad,  Microstation, 
MS  Access,  MS  Excel,  and  MS 
Word.  Resumes  to:  e-JobAds, 
271 13  Brookpark  Rd.  Ext.  #127, 
North  Olmsted,  OH  44070. 


Applications  Programmer  Lead  - 
Responsible  for  developing  or 
modifying  procedures  required 
to  solve  complex  problems  taking 
into  consideration  computer 
equipment  and  capacity  and 
limitation,  operating  time  and 
form  of  desired  results.  Will  be 
responsible  for  program  design, 
coding,  testing,  debugging  and 
documentation.  Required:  Bach¬ 
elor's  Degree  or  foreign  degree 
equivalent  in  Computer  Science, 
Information  Systems,  Engineering 
or  related  field  and  five  years' 
related  experience  required  or 
Master's  degree  or  foreign  degree 
equivalent  in  one  of  the  stated 
fields  and  three  years'  relevant 
experience.  Experience  must 
include  Java  language  skills  to 
include  J2EE;  Struts;  C++  and 
PI/SQL.  40+  hours  per  week, 
Monday  through  Friday,  8:00 
a.m.  to  5:00  p.m.  Send  resume 
to  Attn:  David  Godbee,  BellSouth 
Advertising  &  Publishing  Corpo¬ 
ration,  2247  Northlake  Parkway, 
Mailstop:  06C  617,  Tucker,  Georgia 
30084. 


Infogen  is  seeking  IT  profession¬ 
als.  Req.  BS.  Skills  in  following 
area  are  plus:  Qracle9i,  Weblogic 
/  WebSphere,  C++,  Visual  C++, 
VB,  COM,  STL,  MTS,  MSMQ, 
ASP,  Java,  HTML,  XML,  MTS, 
MSMQ,  ADO,  UML.  Travel  is 
required.  Send  resume  to 
infojobs  @  infogeninc.com. 

KBTS  Tech  is  looking  for  Sys¬ 
tem/Quality  Analysts.  Install  and 
configure  Sun  Solaris  8/2.6  on 
Sun  E3500,  E450  Enterprise 
Servers  &  Sparc  workstations. 
Also  configure  I/O  devices  (Eth¬ 
ernet,  SCSI  and  tape  drives)  and 
other  peripherals.  Minimum  BS. 
Apply  at  info@kbtstech.com. 
EOE 


SYSTEMS  ANALYST  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  improve  existing 
computer  systems. 

Must  be  able  to  travel  extensively. 
Bachelor  of  Science,  Engineering 
or  Math  related  2yrs  experience 
in  job  offered. Included  in  the 
2  yrs  job  experience  in  Oracle 
Financials  1 1  i,  HR/payroll  1 1  i,  on 
GL,  AR,  AP,  OE,  OAB,  AOL  and 
HR/Payroll  modules,  FSG,  Oracle 
Fast  Formulas,  SQL*  Loader 
scripts,  Unix  scripting  for  batch 
jobs  and  CRON  jobs,  Pro*C  in¬ 
cluding  front-end  development 
using  Oracle  Reports  6i  and 
Oracle  Discoverer  4i,  Designer 
2000,  API's  with  PL/SQL  web 
tool  kit. 

Apply  by  resume  to  Human 
Resources  Department,  Capricorn 
Systems  Inc.,  3569  Habersham 
at  Northlake,  Bldg  K,  Tucker  GA 
30084. 


Seeking  qualified  applicants  for 
the  following  position  in  Memphis, 
TN:  Technical  Advisors.  Provide 
technical  advice  and  expertise  to 
systems  development  project 
groups  in  defining,  developing 
and  reviewing  existing,  as  well 
as  proposed,  applications  for 
major  computer  systems. 
Requirements:  Bachelor's  degree* 
in  computer  science,  math,  MIS 
or  related  field  plus  7  years  of 
experience  in  systems/applications 
development,  including  program¬ 
ming.  Experience  with  Visual  Basic, 
SQL  Server,  and  Server  hardware 
also  required.  'Master's  degree 
in  appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Chris  Gibney, 
Federal  Express  Corporation, 
2600  Nonconnah  Blvd.,  Suite 
191,  Memphis,  TN  38132.  EOE 
M/F/D/V. 


SW  Eng:  Design  Windows  and 
Unix  applications  for  streaming 
video  and  video  conferencing 
products  over  Ethernet  and  ATM 
networks  using  C,  C++,  and 
html.  Create  and  apply  DirectX 
/DirectShow  filters.  Create  players 
to  allow  user  to  set  preferences, 
convert  streams  to  different  for¬ 
mats  w.  Windows  media  format 
SDK.  Design  interfaces  with  COM. 
Apply  re  Ad  #4  to  B.  Meehan, 
VbrickSystems  Inc.,  12  Beaumont 
Rd.,  Wallingford,  CT  06492, 
email:  bridgetm@vbrick.com 


Network  Administrator  wanted 
to  install,  configure,  and  support 
offices'  local  area  network  and 
wide  area  network.  Manage 
hubs/routers  and  servers,  install 
hardware  and  software  and 
perform  related  duties.  BS  in 
Computer  Science  and  two 
years  related  experience  re¬ 
quired.  Send  resume  to  HR,  The 
Crossroads  Center,  RO.  Box 
19723,  Cincinnati,  OH  45219. 


Jr.  Software  Engineer  to  work 
under  the  direction  of  Sr.  Software 
Engineers  &  assist  in  the  design, 
analyses,  development,  coding, 
testing,  optimizing,  &  implementing 
various  applications  for  mobile 
devices  using  C,  C++,  SDS 
debugging,  Icrane,  ClearCase  & 
DDTS  for  version  control  &  defect 
tracking.  Reqd:  B.S.  C.S.  &  6 
mos.  of  rel.  exp.  40  hrs/week, 
9am-5pm.  Send  resume  to  J. 
Brigham,  HR  #A27, 7301  Parkway 
Drive,  Hanover,  MD  21076. 


Senior  Infrastructure  Engineer 
wanted  by  Fresh  Direct,  Inc.  in 
Long  Island  City,  NY.  Duties  in¬ 
clude  designing  and  implement¬ 
ing  high  performance,  scalable, 
and  robust  E-Business  infra¬ 
structure,  defining  standards  of 
publication  for  web  technology 
and  manage  all  aspects  of  the 
implementation  process,  providing 
on-call  technical  supports.  Master's 
degree  in  computer  Science  or 
related  fields  with  at  least 
two  years  experience  is  re¬ 
quired.  Please  send  resume  to 
jobs  @freshdirect.com 


PROGRAMMER  ANALYST 

Design  and  develop  methodology 
&  counterparts  to  connect  back¬ 
end  legacy  systems  to  frontend 
web  browser  based  interface  on 
CICS  Mainframe  &  PC  platforms 
using  WebSphere,  COBOL  & 
Java.  Conduct  tests  &  provide 
ongoing  support.  Req:  Bachelors 
in  Comp.  Sci.,  Comp.  Eng.,  or 
Elec.  Eng.  and  2  yrs.  exp.  40hr 
wk.  Job/S  nterview  Site:  Westlake 
Village,  CA.  Send  resume  to 
Data  Select  Systems,  Inc.,  2829 
Townsgate  Rd.,  #300,  Westlake 
Village,  CA  91361. 


Clines  Software  Consulting,  Inc., 
an  IT  company  is  looking  for 
qualified  individuals  for  the 
following  positions:  Programmer/ 
Analyst,  Software  Engineer,  Project 
Manager,  Project  Leader,  Business 
Development  Manager.  Candidate 
must  be  willing  to  travel 
extensively.  Send  resume  to:  71 6 
N.  Valley  St.,  Suite  A,  Anaheim, 
CA  92801 . 


OPERATION  RESEARCH  ANA¬ 
LYST  wanted  by  production, 
assembly  and  manufacture  of 
personal  computer  company  in 
Houston,  TX.  Must  have  Master 
in  Operations  Research  or  Math¬ 
ematics  and  1  yr.  exp.  in  Manu¬ 
facture  ERP  system.  Respond 
to:  HR  Dept.,  Foxconn  Corp., 
8801  Fallbrook  Dr.,  Houston,  TX 
77064.  Attn:  CKYM. 


Trusted 
by  more 
hiring 
managers 
than  any 
IT  space 
in  the 
world. 
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Project  Manager  (Denver,  CO)- 
OneWorld  Client  Manager 
Paradigm  Technologies,  a  Petro¬ 
leum  Place  Company,  is  an  en¬ 
ergy  software  company  seeking 
a  OneWorld  Client  Manager 
(Project  Manager)  to  oversee  the 
post-sales  customization  &  im¬ 
plementation  of  accounting  & 
financial  software  applications 
for  the  upstream  oil  &  gas  industry. 
This  software  integrates  with 
JDE  OneWorld  financial  software 
applications.  Requirements  in¬ 
clude  a  Bachelor's  degree  or 
foreign  equivalent  in  accounting 
or  related  field;  2  years  of  expe¬ 
rience  designing  &  developing 
financial  software  applications 
that  must  fully  integrate  with  JDE 
OneWorld  financial  software  ap¬ 
plications  for  the  upstream  oil  & 
gas  industry.  Respond  with  resume 
via  surface  mail  only  to:  Human 
Resources,  Petroleum  Place/ 
Paradigm  Technologies,  1099 
Eighteenth  St.  Ste.#2950,  Denver, 
CO  80202,  referring  to  #PT9.02 
OneWorld.  We  are  an  equal 
opportunity  employer. 


Reg.  Project  Mgr.,  Littleton,  CO: 
Apply  management  principles 
to  develop  &  implement  Info,  sys¬ 
tems  projects,  incl.  project  est., 
plan,  recruitment,  monitoring. 
Identify  risks/solutions,  bus. 
analysis  &  dev.;  prep,  reports, 
incl.  mktg.,  sales,  press  releases, 
dev.  user  doc.,  training  material, 
training  class;  dev.  ad  hoc  sys¬ 
tems/data  manipulation,  system 
specs.,  system  plan,  dev.  test 
plan,  using  expert  skills  in  MS 
Project,  MS  Access,  MS  Office. 
Req.:  BS  in  Comp.  Science  or 
Business  Mgmt.  +  ext.  exp.  in  IT 
Mgmt.  incl.,  typical  systems  dev. 
life  cycles,  budgeting,  training  & 
supervisory  exp.  Business  analyst 
skills,  knowledge  of  SQL  &  query 
cons.  Ability  to  handle  multiple 
projects  simultaneously.  Resume 
to:  Judith  Barbuto,  Instructional 
Design  Assoc.  10061  Talbert 
Ave.,  Suite  235,  Fountain  Valley, 
CA  92708. 


Programmer:  Develop  basic 
applications  for  using  JAVA  and 
JDBC-ODBC  to  communicate 
with  MS  SQL  database  for  in¬ 
ventory  control  and  automation. 
Write  programs  to  utilize  LabView 
software  for  automated  equipment 
testing.  Maintain  and  test  con¬ 
sistency  of  applications.  Perform 
unit  testing,  monitoring,  fine- 
tuning,  troubleshooting  and  bug¬ 
fixing  duties.  Write  specifications 
and  documentation  as  requested 
within  level  of  experience.  Assist 
Q.C.  Dept,  with  automation  and 
use  of  spectrum  analyzer,  noise 
figure  meter,  and  network  analyzer. 
Work  within  a  multinational  and 
multilingual  work  environment 
and  interface  with  IT  and  Engineer 
personnel  at  vendors  and  OEM 
customers  in  North  America  and 
at  manufacturers  and  suppliers 
in  China  and  Taiwan.  Req.  BS  in 
CS  or  CIS  with  9  months  experi¬ 
ence  in  job  offered  or  as  pro¬ 
grammer/analyst.  Proficiency 
in  JAVA,  MS  SQL,  AutoCAD. 
$47,500.00  per  year,  40  hr/wk, 
8-5.  Send  resume  to  Dir.  of  HR, 
Pro  Brand  International,  Inc., 
1 900  West  Oak  Circle,  Marietta, 
GA  30062 


Quantitative  Programmer  Analyst, 
Wachovia  Corp.,  Old  Greenwich, 
CT.  Design  &  develop  computer 
programs  &  systems  for  con¬ 
vertible  bonds  trading.  Reqs.  MA 
in  Comp.  Science  or  Eng.  &  1  yr 
exp  in  financial  industry  devel¬ 
oping  trading  systems  for  con¬ 
vertible  bonds,  quantitative  mod¬ 
eling,  value-at-risk  calculations, 
new  appl.  dvlp.,  developing  & 
converting  specs,  into  code,  & 
testing  &  prep,  of  code  for  prod, 
working  in  K  or  a  similar  special 
purpose  language  used  for 
financial  analytics.  Graduate 
work  or  thesis  incl.  work  w/  dvlp. 
&  implementation  of  complex 
quantitative  models  is  also  reqd. 
Send  resume  &  cvr.  Itr.  to  Sabrina 
Miller,  Wachovia  Corp.,  301  N. 
Tryon  Street,  NC  0953,  Charlotte, 
NC  28288-0953.  No  phone  calls 
please. 


SYNAPSE  GROUP,  INC.,  a 
leading  computerized  magazine 
marketing  company,  is  looking  to 
hire  qualified  candidates  for  the 
following  positions: 

Software  Engineer  to  research, 
analyze,  formulate  and  help  de¬ 
sign  software  systems;  to  predict 
and  measure  outcome  and  con¬ 
sequences  of  design  using  sci¬ 
entific  analysis  and  mathematical 
models;  to  help  develop  and 
direct  software  system  testing 
procedures,  programming  and 
documentation;  to  help  design 
and  tune  speech  recognition  in¬ 
terfaces  for  phone-based  IVR 
sales  and  customer  service  sys¬ 
tems.  At  minimum,  a  Bachelor’s 
degree  in  Computer  Information 
Systems  required.  Extensive 
knowledge  in  internet  applica¬ 
tions,  HTML,  SQL,  ASP  and 
ORACLE  preferred. 
Programmer  Analyst  to  plan, 
develop,  test,  document  and 
update  computer  programs  to 
increase  operating  efficiency;  to 
enter  program  codes  into  comput¬ 
er  systems;  to  evaluate  user  re¬ 
quirements;  and  to  monitor  per¬ 
formance  and  provide  technical 
assistance  to  program  users.  At 
minimum,  a  Bachelor's  degree  in 
Computer  Science  or  it’s  equiv¬ 
alent  required.  Sound  knowledge 
in  internet  applications,  HTML. 
SQL.  ASP  and  ORACLE  pre¬ 
ferred. 

Business  Analyst  to  research 
potential  markets;  analyze  sta¬ 
tistical  data  to  forecast  future 
marketing  trends;  initiate  and 
produce  timely  and  accurate  re¬ 
ports/analysis  to  improve  busi¬ 
ness  results;  and  to  develop  and 
maintain  sales  and  account 
management  reporting  systems. 
At  minimum,  a  Bachelor’s  de¬ 
gree  in  Business,  Finance  or  re¬ 
lated  discipline  required.  Strong 
PC  skills  and  good  financial/ac¬ 
counting  background  preferred. 
The  company  offers  a  competi¬ 
tive  compensation/benefit  pack¬ 
age  and  an  environment  where 
achievements  are  recognized  & 
professional  growth  is  encour¬ 
aged.  Qualified  applicants  are 
encouraged  to  mail  resumes  to: 
HR  Department,  Synapse  Group, 
Inc.,  Four  High  Ridge  Park, 
Stamford,  CT  06905. 


FT  Computer  Services  Manager. 
Multiple  positions.  Responsibilities 
include:  Manage  the  development 
and  implementation  of  marketing 
plans  for  NIITs  software  products 
and  services;  manage  strategic 
planning  and  budgeting;  develop 
and  negotiate  proposals  for  the 
provision  of  software  services; 
manage  marketing  analysts, 
systems  analysts  and  other 
technical  support  personnel;  and 
manage  client  relations.  Must 
have  a  Master's  Degree  or  foreign 
equivalent  in  Business  Administra¬ 
tion,  Computer  Science  or  related 
field  and  three  years  of  experience 
as  a  Computer  Systems  Analyst, 
Marketing  Analyst  or  a  related 
occupation  ora  Bachelor’s  Degree 
or  foreign  equivalent  in  Business 
Administration,  Computer  Science 
or  a  related  field  and  five  years 
of  progressive  experience  as  a 
Computer  Systems  Analyst, 
Marketing  Analyst  or  a  related 
occupation  for  the  computer 
software  industry.  Salary:  $84,000 
per  year  and  up,  commensurate 
with  experience.  If  interested, 
submit  resume  in  duplicate  to: 
Ms.  Sandy  Pruitt  NIIT  (USA),  Inc. 
1050  Crown  Pointe  Parkway, 
Suite  500  Atlanta,  GA  30338 


SENIOR  APPLICATION  DE¬ 
VELOPER  to  design,  develop, 
analyze,  implement  and  maintain 
web-based  software  applications 
using  Java,  JavaScript,  ASP,  Vi¬ 
sual  Basic,  XML,  SQL,  MS  SQL 
Server,  SOAP  and  Rational 
Rose;  integrate  Microsoft  web- 
enabled  products  with  front-end 
systems  and  back-end  systems. 
Require:  M.S.  in  Computer  Sci¬ 
ence/Mathematics/I  nformation 
Systems  and  one  year  experi¬ 
ence  in  the  job  offered.  Competitive 
salary  and  benefits.  Apply  with 
resume  to:  Vice  President,  McKing 
Consulting  Corp.,  2900  Chamblee 
Tucker  Road,  Building  11, 
Atlanta,  GA  30341  (Job# 
PY001). 


The  Principal  Software  Engineer 
/Developer  will  be  responsible  for 
multiple  phases  of  small  market 
payroll  systems  and  software  ap¬ 
plications  development  projects, 
including  but  not  limited  to,  ana¬ 
lyzing  project  requirements;  de¬ 
signing  Oracle  HRMS-based 
software  applications  with  an 
emphasis  on  Oracle  forms  and 
reports;  establishing  and  moni¬ 
toring  project  plans;  and  acting 
as  an  expert  technical  resource 
across  functional  organizations. 
Will  provide  technical  leadership 
and  training  to  other  team  mem¬ 
bers,  and  will  be  responsible  for 
directing  and  monitoring  the  pro¬ 
ductivity  of  subordinate  profes¬ 
sional  team  members.  Will  write 
code  to  produce  software  that 
meets  company’s  exacting  soft¬ 
ware  development  standards. 
Will  also  work  with  Quality  As¬ 
surance  organization  to  ensure 
that  software  components  meet 
system  acceptance  criteria; 
participate  in  the  transition  of 
software  to  production,  supporting 
the  installation  of  new  software 
components  to  the  production 
systems;  and  create  accompa¬ 
nying  technical  design  docu¬ 
mentation.  Requires  Bachelor's 
Degree  or  equivalent  in  Computer 
Science,  Engineering.  Mathe¬ 
matics,  or  Physics  and  five  (5) 
years  of  experience  in  Job 
Offered  or  five  (5)  years  of  expe¬ 
rience  in  Oracle  client/server 
application  development.  Alter¬ 
natively,  will  accept  Master’s 
Degree  in  Computer  Science, 
Engineering,  Mathematics,  or 
Physics  and  three  (3)  years  of 
experience  in  Job  Offered  or 
three  (3)  years  of  experience  in 
Oracle  client/server  application 
development.  Candidate  must 
also  possess  demonstrated  ex¬ 
pertise  developing  APIs,  Forms 
and  Reports  using  Oracle  ERP 
solutions;  financials,  manufac¬ 
turing,  or  HRMS;  demonstrtated 
expertise  in  UNIX  shell  scripting 
and  SQL  tuning  using  TKPROF; 
and  demonstrated  expertise 
developing  front-  and  back-end 
applications,  packages,  functions, 
and  procedures  using  SQL  nav¬ 
igator,  Oracle,  PL/SQL  and  DEV 
2000.  Salary  $75,000/yr;  Mon- 
Fri,  9:00AM-5:00PM.  Submit  two 
(2)  copies  of  resume/letter  of 
application  to  Job  Order  #2002- 
265,  PO.  Box  989,  Concord,  NH 
03302-0989.  EOE.  Applicants 
must  be  workers  eligible  to 
accept  employment  in  the  United 
States  on  a  full-time  basis. 


Sr.  Software  Engineer  wanted  by 
optical  networking  system 
developer  in  Oceanport,  N.J. 
Must  have  BS  degree  or  equivalent 
in  Electrical  Engineering  or  related 
field  and  8  years  exp.  in  job  offered 
or  in  Software  Engineering  or 
Design.  Experience  must  include 
designing  and  programming 
embedded  software  using 
C/C++  VxWorks,  developing 
communications  software  using 
Motorola  PPC  processors,  and 
experience  with  high-speed  optical 
control  circuits.  Respond  to 
Doreen  Sabol,  HR  Department 
(ref#  031),  Tellium,  Inc.,  2  Crescent 
Place,  Oceanport,  NJ  07757. 


Senior  Programmer  Analyst 
wanted  to  research,  design,  and 
develop  computer  software 
systems,  applying  principles  and 
techniques  of  computer  science, 
engineering,  science,  and  math¬ 
ematical  analysis,  using  COBOL, 
CICS,  MVS/ESA,  and  DB2. 
40  hrs./week.  8am  to  5pm.  $ 
67,766.40/year.  Must  possess 
Bachelor's  Degree  in  Electrical 
/Electronics  Engineering  or 
Computer  Science,  one  year  of 
experience  in  the  job  offered 
or  as  a  Software  Engineer/Pro¬ 
grammer,  and  six  months  expe¬ 
rience  with  COBOL,  CICS,  MVS 
/ESA  and  DB2.  Employer  Paid 
Ad.  Please  send  resumes  to 
MCDC/ESA,  P.O.  Box  11170, 
Detroit,  Ml  48202-1170.  Reference 
No.  202651. 


NATIONAL  SOCIETY  OF  HISPANIC  MBAS 


1303  Walnut  Hitt  Lane 
Suite  300 
Irving,  TX'  75038 
Phone;  214-596-9338 

.  .  .  ,  ,  Fax;  214-596-9325 

qn  please  visit  www.nshmba.org www.nshmba.org 

es  for  the  Phoenix  Convention  Center  &  Visitor’s  Bureau 


MBA 


Things  are  heating  up  in  .  ,. 

Phoenix  with  the  13th  Annual  *  *  t 

NSHMBA  Conference  &  **** 

Career  Expo  around  the  corner!  With  over  200  corporate  sponsors 
as  well  as,  highly  esteemed  business  executives  from  Fortune  500 
companies,  there  is  something  for  everyone! 

With  educational  plenary  sessions,  dynamic  seminars,  and  non-stop 
networking  opportunities,  the  conference  provides  /  , 
an  excellent  forum  to  enhance  your  leadership 
skills,  network  effectively  and  continue  to  make 
immeasurable  differences  in  your  career. 

With  all  its  splendors,  Phoenix  awaits  the  best  and  brightest 
Hispanic  professionals  to  immerse  themselves  in  the  greatest 
Latin  professional  gathering  on  the  planet  —  don't  miss  out! 
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IT  CAREERS 


INFORMATION  SYSTEMS  MANAGER 

Equal  Opportunity  Employer  in  Memphis  area  seeking 
Information  Systems  Manager.  A  successful  candidate 
will  be  responsible  for  exercising  managerial  control 
over  all  information  systems  ana  assessing  hardware 
/software  needs  ana  configurations;  responsible  for 
maintenance,  development,  and  enhancement  of 
existing  tax  collection  systems;  responsible  for  source 
code  and  continual  maintenance  and  enhancement  of 
website;  design,  develop,  and  implement  new  tax  soft¬ 
ware;  responsible  for  database  management  to 
ensure  maximum  performance:  design  standard  and 
custom  interfaces;  prepare  written  documentation  of 
software  policies,  standards,  and  methodologies, 
design  systems  flowcharts  and  logic  diagrams; 
responsible  for  planning  utilizing  knowledge  or  busi¬ 
ness  requirements  and  creative  ability  in  conjunction 
with  current  technology;  responsible  for  accurate  storage, 
upload,  and  retrieval  of  online  transactions;  maintain 
and  enhance  Internet  security  to  enable  website  to 
accept  tax  payment  via  the  Internet;  communicate 
technical  and  functional  information  to  non-technical 
users.  Design  and  transform  user  requirements  into 
software  applications;  create  short/long  term  informa¬ 
tion  systems  goals  and  ensure  compliance  with  busi¬ 
ness  plans. 

The  position  requires  a  Masters  degree  in  MIS, 
Computer  Science,  or  related  field  plus  at  least  2 
years  experience  as  a  software  developer,  programmer 
or  engineer  using  SQL  Server  7.0  or  higher  extensive 
Crystal  Report  experience,  Visual  Basic  6.0;  Visual 
Studio,  including  designing  e-commerce  sites  and  pro¬ 
gramming  ASF  pages,  and  must  be  proficient  with 
Visual  SourceSafe  and  Wise  Installer  or  equivalent 
program.  A  candidate  must  also  possess  at  least  3 
years  supervisory  experience  managing  a  programming 
staff.  Must  be  able  to  utilize  knowledge  of  above  appli¬ 
cations  to  perform  responsibilities  ofposition.  Must  be 
able  to  successfully  demonstrate  proficiency  and  skills 
during  technical  interview.  Must  be  able  to  understand 
and  respond  to  information  and  ideas  presented  by 
users  (both  verbally  and  in  writing)  and  able  to  effec¬ 
tively  communicate  technical  and  functional  information 
to  non-technical  personnel.  Must  possess  ability  to 
prioritize  work  while  performing  tasks  on  multiple  pro¬ 
jects.  A  candidate  must  be  available  to  be  on  call  and 
work  non-traditional  work  hours.  Must  be  able  to  pass 
criminal  investigation,  reference  check  and  drug/alcohol 
screening.  A  successful  candidate  must  reside  in 
Shelby  County,  Tennessee  as  of  the  date  of  employ¬ 
ment  and  remain  a  resident.  The  position  is  a  full-time, 
salaried,  exempt  position  and  requires  at  least  forty 
(40)  hours  a  week.  Send  Resume  to:  RO.  Box  2751, 
Memphis,  TN.  38101-2751 


IT  CAREER 
OPPORTUNITIES 


CSC  has  the  following  positions 
available  in  Alabama,  Delaware, 
Missouri,  Massachusetts,  New 
Jersey,  Ohio,  Oregon,  and 
Virginia: 

•  Consultant 

•  Supply  Chain  Consultant 

•  Database  Specialist 

•  ERP  Product  Specialist 

•  Computer  Scientist 

•  Programmer  Analyst 

•  Software  Engineer 

Requires  a  BS  or  MS  and  relevant 
experience,  based  on  level  of 
position.  May  involve  working  in 
multiple  national  work  sites  and 
public  speaking. 

We  offer  excellent  compensation 
and  a  comprehensive  benefits 
package.  Please  forward  your 
resume  to:  K.  Hale,  CSC,  2100  E. 
Grand  Ave.,  El  Segundo,  CA  90245. 
Please  indicate  the  specific  title  and 
location  of  job  for  which  you  are 
applying  on  your  application  letter. 
EOE.  M/F/D/V. 

HTTP //CAREERS  CSC.COM 


Piping  Engineers  needed:  Seeking 
qualified  candidates  with  MS/BS 
or  equiv.&for  rel.  work  exp.  Duties 
incl:  Developing  &  optimizing 
power  plant  piping  systems:  per¬ 
forming  static  &  dynamic  stress 
analysis  &  providing  technical 
solutions  to  piping  issues  at 
various  sites.  Part  of  the  reqd. 
exp.  must  include  2  yrs.  exp.  with 
Mechanical  Desktop,  Caesar  II  & 
Licad.  Mail  res.,  ref.  &  sal.  req.  to: 
HRD,  Fuel  Cell  Energy  Inc., 
1 1603  Seascape  Flun,  Magnolia, 
TX  77354. 


ENGINEERING 

Engineering  Manager/Software 
Architect.  Requires  Bachelor's 
degree  (or  foreign  equivalent)  in 
Computer  Science  or  Electrical 
Engineering,  &  two  years  of  exp. 
in  the  job  offered  or  two  years  of 
exp.  performing  web  develop¬ 
ment  engineering.  Stated  or  other 
exp.  must  include  two  years 
implementing  back-end  code 
for  websites;  programming  with 
HTTP,  HTML,  &  JavaScript  tech¬ 
nologies;  &  web  server  configu¬ 
ration  &  management.  At  least 
one  year  of  exp.  must  incl.  pro¬ 
gramming  with  PHP,  XML,  Flash, 
SSL,  Java,  customizing  modules 
in  Apache,  &  Linux.  40  hrs/wk. 
Job  located  in  Mountain  View, 
CA.  Send  resume  to  RocketCash 
LLC,  c/o  Les  Cheong,  1890  N. 
Shoreline  Blvd.,  Mountain  View, 
CA  94043. 


V  GROUP  INC. 

Software  &  consulting  company 
seeks  qualified  professionals 
(Bachelor's  degree  +)  for  na¬ 
tionwide  positions 
Programmer  /  System  Analyst 
Web  Developers  (Java, 
coldfusion,  ASP) 

Web  Masters 
ERP/CRM  Professionals 
(Siebel,  SAP.  BaaN) 

Tools  (Actuate,  Crystal  Re¬ 
ports) 

Client  Server  (Oracle,  C,  C++, 
VC++,  VB) 

System  Administrators  (Solaris, 
HP-UX,  AIX,  Windows  NT,  Cis¬ 
co) 

Database  Administrators  (Oracle 
Apps,  Peoplesoft,  Sybase,  Ora¬ 
cle,  DB2) 

Salary:  $90,000  -  $1 10,000  PA 
Benefits  available 
Send  resume  to: 

V  Group  Inc 
#1859 

3700  S  West  Port  Avenue 
Sioux  Falls,  SD  57106-6344 


ENGINEERING 

Senior  Software  Engineer.  Re¬ 
quires  a  bachelor's  degree  or 
equivalent  foreign  education 
in  information  technology  or 
computer  science  and  one  year 
of  experience  in  the  job  offered 
or  one  year  of  experience  en¬ 
gaging  in  the  development,  im¬ 
plementation,  and  administration 
of  an  ONYX  CRM  applications. 
All  experience  must  include  in¬ 
stalling  and  customizing  ONYX 
SQL  Server  stored  procedures, 
triggers  and  views;  creating  new 
programs  and  codes  using  ad¬ 
vanced  SQL  programming;  engag¬ 
ing  in  web-based  programming 
using  HTML/XHTML,  and  XML; 
and  expanding  functionality  of 
ONYX  CRM  applications  using 
VisualBasic.  40  hrs./wk.  8:00  a.m. 
-  5:00  p.m.  Apply  with  resume  to 
Mr.  Peter  Borocz,  Chief  Information 
Officer,  Fisher  Investments,  Inc., 
13100  Skyline  Blvd.,  Wocdside, 
CA  94062. 


Management  Information  Center 
Specialist:  Position  is  located  in 
Miami,  FL.  The  applicant  must 
have  a  BS  degree  in  Management 
or  Management  Information 
Systems  and  1  yr.  exp.  in  the  job 
or  a  related  field.  Mail  resume 
only  to  1901  Ponce  de  Leon 
Blvd.,  Coral  Gables,  FL  33134. 
Attention:  Mr.  Fernando  Arena. 


Position  opening  for  IT  profes¬ 
sionals  with  min.  2yrs  industry 
exp.  in  (various  skills  combination 
reqd.)  MQ  Series;  XML,  STX  12, 
EDI.  MED  Editor,  PDK,  DTS, 
OLAP,  RPT,  VB  Script,  Dream 
Weaver,  GRC,  AWT,  Websphere, 
JDBC,  Visual  Interdev  FoxPro, 
Solaris,  Unix,  SQL  Pre-Processor, 
C,  C++,  Oracle  Web  Application 
Server,  MTS,  Pro  *  C,  CSS,  XSL, 
CEEDUMP,  ES  9000,  SynSort, 
OAS,  OEM,  CVC,  SQR,  People- 
soft,  People  Tools,  WorkFlow, 
RMI,  etc.  MS  or  BS  or  equiv 
(Engg.  (any) )  or  CS  or  Bus.  Admin, 
or  rel.  field.  Travel/  reloc.  reqd. 
Resumes  only  to  HR,  3i  People, 
1780  Century  Circle,  Ste  2, 
Atlanta,  GA  30345. 


Performing  software  engineering 
design,  test,  analysis,  project  man¬ 
agement  and  implementation  of 
various  computer  applications  and 
ERP  Applications  mainly  with  an 
interface  of  SAP,  VIGNETTE, 
BROADVISION  focusing  into  Fi¬ 
nancials  line  of  activity  (FI,  GL, 
AP,  CO,  PA, PC  modules).  Heavy 
integration  into  the  environments 
into  the  logistics  and  Human  Re¬ 
sources.  Such  customization  has 
to  be  done  with  the  tools  like  SAP 
R/3,  BW.ABAP/4,  JAVA  UNIX,  TCP 
/IP  C/C++,  PL/SQL,  VHDL,  VI¬ 
SUAL  BASIC,  COBOL  &  WIN¬ 
DOWS  NT.  Must  have  min.  5  years 
of  experience,  40  hr/wk,  competitive 
salary.  Resumes  should  be  sent  to 
226  Paul  St.#204,  Pittsburgh,  PA- 
1521.  WEB  #280986. 


Performing  software  engineering 
design,  test,  analysis  and  imple¬ 
mentation  of  various  computer 
applications  for  Web  based 
architecture  wrt  financial  indus¬ 
try.  Extensively  use  of  JAVA  with 
EXTRICITY  on  the  web  servers 
like  WEBSPHERE  and  iPLAN- 
ET.  The  database  like  ORACLE 
8i  and  DB2  should  be  used  to 
retrieve  data.  Should  work  with 
operating  systems  like  UNIX  and 
WINDOWS  NT  etc.  Must  have 
min.  5  years  of  experience,  40 
hr/wk,  competitive  salary.  Resumes 
should  be  sent  to  226  Paul 
St. #204,  Pittsburgh,  PA-15211. 
WEB  #281967. 


Senior  Consultant  needed.  Seek¬ 
ing  qual.  candidates  possessing 
a  min.  of  3  yrs.  rel.  work  exp.  as 
a  computer  professional  working 
w /  financial  software  applica¬ 
tions.  2  yrs.  of  the  req.  work  exp. 
MUST  incl.  data  warehousing 
and  architecture.  Mail  res.  and  sal. 
req.  to  Accelerent  Partners,  Inc. 
207  Eastmoor  Blvd.,  Columbus, 
OH  43209,  ATTN:  Carey  Cheri. 


SAS  Programmer.  Wallingford, 
CT.  Perform  database  and 
statistical  analysis  and  manage¬ 
ment  through  the  development 
of  SAS  programs.  Responsible 
for  generating  reports  including 
tables,  plots,  graphs,  charts  and 
SAS  datasets.Through  the 
utilization  of  SAS  tools,  analysis 
and  techniques,  perform  data 
validation,  edit  checking  and 
data  cleaning  to  generate  clean 
SAS  datasets.Requires:  M.S.  in 
biostatistics,  public  health,  math, 
economics  or  computer  science. 
40hrs/wk.  Send  resume 
(no  calls)  to  Mr.  Keith  Shelly, 
Managing  Partner,  Smith  Hanley 
Consulting  Group,  Inc.  1025 
Greenwood  Blvd,  Suite  231, 
Lake  Mary,  Florida  32746. 


Programmer/Analyst  to  design, 
develop  and  test  application 
software  using  C,  C++,  ProC 
/C++,  Forms  4.5,  ORACLE,  on 
UNIX  and  Windows  Platforms. 
Require:  BS  Degree  in  Computer 
Science/Engineering/Science  or 
a  closely  related  field  with  2 
years  of  progressively  responsible 
experience  in  the  Job  offered  or 
related  occupation  of  Software 
Engineer.  Extensive  travel  on 
assignments  to  various  client 
sites  within  the  US  is  required. 
Competitive  salary  offered.  Apply 
by  resume  to  :  Ravi  Kandimalla, 
President,  EVEREST  COM¬ 
PUTERS  INC.,  900  Old  Roswell 
Lakes  Parkway,  Suite  300, 
Roswell,  GA-30Q76:  Attn:  JobCV 


Senior  Consultant  needed.  Seek¬ 
ing  qual.  candidates  poss.  MS  or 
equiv.  and  3  yrs  rel.  work  exp.  as 
a  computer  professional  working 
w/  financial  software  applications. 
2  yrs.  of  the  req.  work  exp.  MUST 
incl.  business  analysis  and  pack¬ 
age  system  design/implementa¬ 
tion.  Mail  res.  and  sal.  req.  to 
Accelerent  Partners,  Inc.  207 
Eastmoor  Blvd.,  Columbus,  OH 
43209,  ATTN:  Carey  Cheri. 


e  lite 

companies 

emerging 

companies 

e-ssential 

companies 


e-normous 

opportunities 

Q  careers 


The  World 
Of  Work  Is 
Changing 
Every  Week 


Luckily,  We 
Are  Too! 

For  the  most  up  to 
date  opportunities 
and  coverage,  stay 
tuned  in  with  us. 


where  the  best  get  better 


1 -800-762-2977 


CW021104CW4 


Computerworld  •  November  4,  2002 


IT  CAREERS 


Advertising  Supplement 


IT  Careers: 

more  an  issue 

For  more  than  a  decade,  American  busi¬ 
nesses  have  worked  to  make  the  workplace 
more  diverse,  bringing  different  back¬ 
grounds,  educations,  cultures,  ethnicities, 
age  groups  and  genders  to  the  workplace, 
yet  the  challenge  remains  just  as  strong  as 
it  did  a  decade  ago.  What  has  changed  is 
the  explosion  of  the  information  technolo¬ 
gy  industry  and  the  opportunities  available 
to  women  and  under-represented  minori¬ 
ties.  Despite  increased  attention  to  diver¬ 
sity  in  recruiting  and  retention  programs,  a 
shortage  exists  throughout  the  IT  industry. 

A  recent  report  by  a  Congressional 
Commission  on  the  Advancement  of 
Women  and  Minorities  in  Science, 
Engineering  and  Technology  Development 
reports,  "If  women,  underrepresented 
minorities,  and  persons  with  disabilities 
were  represented  in  the  U.S.  science, 
engineering  and  technology  workforce  in 
parity  with  their  percentage  in  the  total 
workforce  population,  this  shortage  could 
largely  be  eliminated." 

According  to  Microsoft's  senior  direc¬ 
tor  of  diversity,  Claudette  Whiting,  it  is 
imperative  for  businesses  to  be  diverse. 
"There  is  a  critical  need  for  businesses  to 
create  a  diverse  workforce  and  for  our 
industry  to  develop  a  strong  pipeline 
of  knowledgeable  women  and  under¬ 
represented  minorities,"  she  says. 

This  year  alone,  more  than  600,000 
new  jobs  are  projected  in  information 
technology,  according  to  the  Information 
Technology  Association  of  America. 
Microsoft  alone  is  looking  to  hire 
more  than  5,000  new  employees  to 
the  company. 

Whiting  notes  that  despite  the  contin¬ 
ued  growth  of  jobs  in  technology,  the 
pipeline  of  women  entering  the  profes¬ 
sion  isn't.  Just  over  a  decade  ago,  37% 
of  the  college  graduates  in  computer 
science  and  engineering  were  women.  In 
1998,  the  number  had  fallen  to  27%. 

"The  high  tech  industry  is  facing  a  criti¬ 
cal  challenge  in  that  there's  a  very  small 
pool  of  minority  and  women  candidates 
completing  math  and  science  education 
programs,"  says  Whiting.  "We  have  not 
prepared  the  new  generation  to  be  able 
to  have  the  kinds  of  jobs  Microsoft  and 
other  companies  will  have." 

Microsoft  is  committed  to  attracting 
talented  women  to  the  company  and  high 
tech  industry  at  large  and  is  pursuing  its 
commitment  on  several  levels.  The  first  is 
to  engage  the  business  community  in  the 
overall  issue  of  women  in  technology. 

For  example,  Microsoft  is  sponsoring  a 
research  project  with  Catalyst,  the 
nation's  leading  research  organization 
concerning  women  in  the  workplace.  The 
group  will  host  a  series  of  roundtables 
across  the  nation  with  influential  men 
and  women  to  "get  at  what  helps 
facilitate  IT  careers  for  women  and  what 


Diversity 
now  than  ever 


Bachelor's  degrees  awarded  by  U.S. 
academic  institutions  in  1 997-98 


Bachelor's  degrees  in  computer  and 
information  sciences  awarded  by  U.S. 
academic  institutions  in  1 997-98 


Source:  U.S.  Department  of  Education, 

National  Center  for  Education  Statistics, 

Digest  of  Education  Statistics,  2000. 

are  barriers,"  explains  Whiting. 

Other  elements  of  the  company's 
four-  part  diversity  program  include 
programs  the  can  help  inspire  young  girls 
to  take  advantage  of  the  range  of  career 
opportunities  available  to  them  in  the 
technology  industry.  Microsoft's  DigiGirlz 
program  is  a  camp  for  young  girls  that 
seeks  to  get  them  interested  in  informa¬ 
tion  technology.  The  company  also  offers 
internships  not  only  to  women  in  college, 
but  also  to  high  school  girls  to  get  them 
interested  in  pursuing  majors  in  math 
and  the  sciences.  Whiting  says  the  girls 
don't  have  enough  role  models  of  women 
in  leadership  positions  in  technology, 
and  Microsoft  women  are  working  to  cor¬ 
rect  that  situation  by  serving  as  mentors 
and  being  involved. 

Another  area  of  Microsoft's  support 
is  through  the  Technology  Access 
Foundation's  Alliance  Program.  It  is 
committed  to  providing  the  training 
and  experience  necessary  for  teens  of 
color  to  achieve  careers  in  technology. 

The  alliance  also  helps  local  businesses 
recruit  a  diverse  workforce  from  their 
own  community. 

"We  need  businesses  across  industries 
to  join  in  this  national  conversation," 
adds  Whiting.  "The  lack  of  females  in  the 
IT  pipeline  has  been  called  a  guiet  crisis 
-  it's  actually  a  roar  at  Microsoft." 

IDG  Recruitment  Solutions. 

For  more  job  opportunities  turn  to  the  pages  of  ITcareers. 

•  If  you'd  like  to  take  part  in  an  upcoming  ITcareers  feature, 
contact :  Vice  President  Advertising:  Janis  Crowley 
155  Bovet  Road,  Suite  101  San  Mateo,  CA  94402 
janis_crowley@idg.com  or  1-800-762-2977  x7607 
Visit  our  website  at  www.itcareers.com 
Produced  by  Carole  Hedden 


All  kinds  of  people. 
All  kinds  of  projects. 


At  Microsoft,  diversity  matters. 
Not  just  in  the  way  we  hire,  but 
in  every  facet  of  our  operation. 
Because  ultimately,  we  believe 
that  a  diverse  workforce  will 
not  only  enrich  our  performance 
and  products,  but  also  the  lives 
of  our  employees,  and  the  very 
communities  in  which  they  live 
and  work. 

For  more  information,  visit  our 
Web  site.  When  applying  for  a 
position,  please  indicate  Job 
Code  A22y6-0715  in  the 
subject  header. 

©2002  Microsoft  Corporation.  All  rights  reserved.  Microsoft  is  a 
registered  trademark  of  the  Microsoft  Corporation  in  the  United  States 
and/or  other  countries.  Microsoft  is  an  equal  opportunity  employer 
and  supports  workplace  diversity. 


microsoft.com/careers/ 
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CW021 104CW.3 


Computerworid  •  November  4,  2002 


60 


C0MPUTERW0RLD  November  4, 2002 


RESOURCES 


www.computerworld.com 


How  to  Contact 

COMPUTERWORLD 

We  invite  readers  to  call  or  write  with  their  comments 
and  ideas.  It  is  best  to  submit  ideas  to  one  of  the  department 
editors  and  the  appropriate  beat  reporter. 


Maryfran  Johnson,  editor  in  chief 
(508)  820-8179 

DEPARTMENT  EDITORS 

Don  Tennant,  News  editor . (508)  620-7714 

Craig  Stedman,  assistant  News  editor . (508)  820-8120 

Julia  King,  Management  editor . (610)  532-7599 

Tommy  Peterson,  Technology  editor . (508)  620-7729 

Mitch  Betts,  director,  Knowledge  Centers . (301)  262-8243 

REPORTERS 

Bob  Brewin,  mobile  computing/wireless;  Intel  PCs 


. 73011 277-8069 

Matt  Hamblen,  networking;  network  systems  management; 

Thomas  Hoffman,  information  economics; 

. (845)988-9630 

Lucas  Mearian,  financial  services;  storage; 

. (508)820-8215 

Linda  Rosencrance,  general  assignment; 
transportation/carriers . 

. (508)628-4734 

Carol  Sliwa,  Microsoft;  Web  services  technologies; 

application  development;  retail  industry . (508)  628-4731 

Marc  L.  Songini,  ERP:  supply  chain;  CRM;  databases; 

data  warehousing;  EAI;  CA . (508)  820-8182 

Patrick  Thibodeau,  state/federal  government;  antitrust; 

legal  issues;  politics . (202)  333  2448 

Dan  Verton,  security:  detense  and  aerospace;  travel . (703)  321-2277 


Jaikumar  Vijayan,  enterprise  systems;  ASPs/outsourcing; 
security:  manufacturing . (630)  978-8390 

Todd  R.  Weiss,  general  assignment;  Linux; 
messaging/collaboration . (717)  560-5255 

OPINIONS 

Patricia  Keefe,  editor  at  large . (508)  820-8183 

Mark  Hall,  opinions  editor . (503)  391-1158 

Frank  Hayes,  senior  news  columnist . (503)  252-0100 

FEATURES  EDITORS 

Ellen  Fanning,  special  projects  editor . (508)  820-8204 

Robert  L.  Mitchell,  technology  evaluations  editor . (508)  820-8177 

Gary  H.  Anthes,  editor  at  large . (703)  536-9233 

Jean  Consilvio,  assistant  features  editor . (508)  820-8562 

COMPUTERWORLD.COM 

Tom  Monahan,  online  director . (508)  820-8218 

Sharon  Machlis,  managing  editor/online . (508)820-8231 

Ken  Mingis,  online  news  editor . (508)  820-8545 

Marian  Prokop,  online  editor  at  large . (508)  620-7717 

Brian  Sullivan,  online  editor  at  large . (508)  620-7780 

John  R.  Brillon,  associate  art  director . (508)  820-8216 

David  Waugh,  associate  art  director . (508)  820-8142 

David  Ramel,  e-mail  newsletter  editor 
Keeiey  Guillerme,  marketing  associate/researcher 


Peter  Smith,  Web  development  manager 
Kevin  Gerich,  Mark  Savery,  Web  developers 
Bill  Rigby,  associate  Web  developer 
Matthew  Moring,  graphics  designer 

RESEARCH 

Mari  Keefe,  research  manager 
Gussie  Wilson,  research  associate 


COPY  DESK 

Jamie  Eckle,  managing  editor/production . (508)  820-8202 

Michele  Lee  DeFilippo,  assistant 

managing  editor/production . (508)  820-8126 


Bob  Rawson,  Monica  Sambataro,  senior  copy  editors 
Jacqueline  Day,  Mike  Parent,  copyeditors 


GRAPHIC  DESIGN 

Stephanie  Faucher,  design  director . (508)  820-8235 

April  O'Connor,  associate  art  director 
Julie  D’Errico,  graphic  designer 
Susan  Cahill,  graphics  coordinator 
John  Klossner,  cartoonist 

ADMINISTRATIVE  SUPPORT 

Linda  Gorgone,  office  manager . . . (508)  820-8178 

Cheryl  Dudek,  administrative  assistant . (508)  820-  8178 

CONTRIBUTING 

COLUMNISTS 

John  Berry,  David  Foote,  Pimm  Fox, 

Michael  Gartenberg,  Dan  Gillmor, 

Thornton  A.  May,  David  Moscheila, 

Bart  Perkins,  Nicholas  Petreley,  Fran  Quittel 

CONTRIBUTING 

WRITERS 

Amy  Helen  Johnson,  Russell  Kay, 

Sami  Lais,  Kathleen  Melymuka, 

Deborah  Radcliff 


GENERAL  INFORMATION 


TELEPHONE/FAX 

Main  phone  number _ (508)  879-0700 

All  editors  unless  otherwise  noted  below 

Main  fax  number . (508)  875-8931 

24-hour  news  tip  line. . .  (508)  620-7716 

E-MAIL 

Our  Web  address  is 

www.computerworld.com. 

Staff  members’  e-mail  follows  this  form: 

firstnameJastname@computerworld.com. 

For  IDG  News  Service  correspondents: 

firstnamejastname@idg.com. 

LETTERS  TO  THE  EDITOR 

Letters  to  the  editor  are  welcome 
and  should  be  sent  to: 

letters@computerworld.com. 

Include  your  address  and  telephone  number. 

MAIL  ADDRESS 

PO  Box  9171,  500  Old  Connecticut  Path, 
Framingham,  Mass.  01701 

SUBSCRIPTIONS/BACK  ISSUES 

Subscription  rates:  U.S.,  $190/year  Canada, 
$220/year;  Central  and  South  America,  $250/yean 
all  others,  $295/year 

Phone . (800)  552-4431 

E-mail . . .  circulation@computerworld.com 
Back  issues . (508)  988-7590 

REPRINTS/PERMISSIONS 

Contact . Renee  Wywadis 

Phone . (717)  399-1900,  ext.  172 

E-mail . rwywadis@reprintbuyer.com 

Visit  www.reprintbuyer.com  to  obtain  quotes 
and  order  reprints  online. 


COMPANIES  IN  THIS  ISSUE 

Page  number  refers  to  page  on  which  story  begins.  Company  names  can  also  be 

searched  at  www.computerworld.com. 


ACCENTURE  LTD . 1. 8 

ACE  INA  HOLOIN6S  INC . 1 

ACTIVE  VOICE  LLC . 32,33 

ADVANCED  FIBRE 

COMMUNICATIONS  INC . 1 

ALCATEL  . 16 

AMERIOUEST  MORTGAGE  CO . 7 

AMPLIFV.NET  INC . 40 

ANTARA  NET  LLC . 10 

APPIQ  INC . 40 

ARC  ADVISORY  GROUP  INC . 29,30 

ARIBA  INC . 10 

ASCENTIAL  SOFTWARE  CORP . 29 

AT&T  CORP . 49 

AT&T  SOLUTIONS . 1 

AUSTIN  LANE  TECHNOLOGIES  INC . 43 

AVANTGO  INC . 43 

AVAVA  INC .  32.33 

B2B  ANALYSTS  INC . 20 

BALTIMORE  TECHNOLOGIES  PLC . 38 

BARRA  INC  . 49 

BEA  SYSTEMS  INC . 7 

BELL  ATLANTIC  NETWORK  INTEGRATION  ...  1 

BLOOMBERG  LP . 49 

BLUE-SILICON . 33 

BMC  SOFTWARE  INC . 12 

BORLAND  SOFTWARE  CORP  .10 

BURLINGTON  COAT  FACTORY 

WAREHOUSE  CORP . 1 

CABLE  &  WIRELESS  INTERNET 

SERVICES  INC .  14 

CABLE  &  WIRELESS  PLC  . .  49 

CALL  SCIENCES  INC . 33 

CANADIAN  TIRE  CORP . 7 

CAP  GEMINI  ERNST  &  YOUNG . 7 

CAPTARIS  INC . 32.33 


CARNEGIE  MELLON  UNIVERSITY . 54 

CELENT  COMMUNICATIONS  LLC . 1 

CENTER  FOR  CREATIVE  LEADERSHIP . 52 

CENTER  FOR  INTERNET  SECURITY . 40 

CERT  COORDINATION  CENTER . 38 

CIMI  CORP . 16 

CISCO  SYSTEMS  INC . 6,16,33 

CITIZENS  BANK . 14 

CLOSEDLOOP  SOLUTIONS  INC . 10 

COLE  HAAN . 52 

COLLIGO  NETWORKS  INC . 40 

COMPUTER  SCIENCES  CORP . 1,8,14 

COURION  CORP . 22 

COVANSYS  CORP . 49 

CUTTER  CONSORTIUM . 52,54 

DASSAULT  SYSTEMES  SA . 29 

DATASWEEP  INC . 29.30 

DELL  COMPUTER  CORP . 10 

DIGIMINE  INC . 10 

DIRECTIONS  ON  MICROSOFT  INC . 21 

DIRECTV  INC . 12 

DIXON  TICONDEROGA  CO . 12 

EGLIN  AIR  FORCE  BASE . 32.33 

ELECTRONIC  DATA 

SYSTEMS  CORP . 1.10,22 

ELECTRONIC  FRONTIER  FOUNDATION  ....  20 

EMC  CORP . 10.14 

EMERSON  ELECTRIC  CO . 10 

ENTRUST  INC . 38 

ERLANGER  HEALTH  SYSTEM . 16 

FANNIE  MAE . 12 

FBI . 14 

FIRST  TECHNOLOGY  INC . 10 

FLASH  ELECTRONICS  INC . 29 

FORMATION  SYSTEMS  INC . 29 

FORRESTER  RESEARCH  INC . 1 


GARTNER  INC . 6.7.14.16.20.22 

GENERAL  MOTORS  CO . 1 

GOVONE  SOLUTIONS  LP . 21 

GREEN  MOUNTAIN  COFFEE 

ROASTERS  INC . 1 

HARVARD  BUSINESS  SCHOOL . 52,53 

HELWETT-PACKARD  CO . 1 

HENKEL  CONSUMER  ADHESIVES  INC . 29 

HEWLETT-PACKARD  CO . 1,6,10.12,21.24 

IBM . 1,14.20.24.32,49 

IDC . 10.14 

ILLUMINATA  INC . 1 

INFORMATION  BUILDERS  INC . 43 

INFORMATION  TECHNOLOGY  ASSOCIATION 

OF  AMERICA . 14 

INSTITUTE  OF  ELECTRICAL  AND 

ELECTRONICS  ENGINEERS  INC . 6 

INTEL  CORP . 14 

INTENTIA  INTERNATIONAL  AB . 62 

INTERGRAPH  CORP . 14 

INTERNET  CORPORATION  FOR  ASSIGNED 

NAMES  AND  NUMBERS . 8 

INTERNET  ENGINEERING  TASK  FORCE . 10 

IOMEGA  CORP .  40 

J.P.  MORGAN  CHASE  &  CO . 1 

J2  GLOBAL  COMMUNICATIONS  INC . 33 

JUPITER  RESEARCH . 25 

KRAFT  FOODS  INC . 52 

KTG  INC . 44 

LENOX  INC . 1 

LOCKHEED  MARTIN  AERONAUTICS  CO,  . . .  29 

LOTUS  DEVELOPMENT  CORP . 20 

LUCENT  TECHNOLOGIES  INC . 16 

MANUGISTICS  INC . 7 

MAPICS  INC . 29 

MCCONNELL  ASSOCIATES . 10 

MCDONALD'S  CORP . 43.44 

MERANT . 10 

MERRILL  LYNCH  &  CO . 46 

META  GROUP  INC . 6 

MI2G  LTD . 38 

MICROSOFT  CORP .  1.10,14. 


.  20,21.29.32,33.38.40 


MORGAN  STANLEY  DEAN  WITTER  &  CO . 6 

MULTEX.COM  INC . 49 

NATIONAL  INSTITUTE  OF  STANDARDS 

AND  TECHNOLOGY . 8 

NAVISION  A/S . 14 

NEC  CORP . 33 

NETLEDGER  INC . 10 

NEW  YORK  UNIVERSITY . 6 

NORTEL  NETWORKS  LTD . 16.32,33 

NOVELL  INC . 32 

O.C.  TANNER  CO . 21 

OPEN  SOURCE  APPLICATIONS 

FOUNDATION . 20 

OPENNETWORK  TECHNOLOGIES  INC . 10 

ORACLE  APPLICATIONS  USERS 

GROUP . 12 

ORACLE  CORP . 10,12 

PACKET  DESIGN  LLC . 10 

PALM  INC . 40,43 

PEOPLESOFTINC . 43 

PERSHING . 49 

PHILIP  MORRIS  COS . 6 

POLARIS  INDUSTRIES  INC . 29 

PROLOGIC  COMMUNICATIONS  INC . 33 

PROVIDENCE  HEALTH  SYSTEM . 1 

PROXIM  CORP . 6 

PUMATECH  INC . 43 

PWC  CONSULTING . 1 

REUTERS  GROUP  PLC . 62 

ROOT  LEARNING  INC . 53 

RPM  INTERNATIONAL  INC . 29 

RSA  SECURITY  INC . 38 

SI  CORP . 14 

SALESFORCE.COM  INC . 10 

SAP  AG . 20.52 

SAP  AMERICA  INC . 20 

SATYAM  COMPUTER  SERVICES  LTD . 49 

SECURITIES  AND  EXCHANGE 

COMMISSION .  14 

SERVICE  &  SUPPORT  PROFESSIONALS 

ASSOCIATION . 12 

SIERRA  WIRELESS  INC .  43 

SITELCORP . 12 


SOCIETY  FOR  INFORMATION 

MANAGEMENT .  6 

SSI  TECHNOLOGIES . 49 

STATE  COMPENSATION  INSURANCE 

FUND . 32,33 

STATE  STREET  CORP . 49 

STORAGE  NETWORKING  INDUSTRY 

ASSOCIATION . 12 

STORAGENETWORKS  INC . 12,49 

SUN  MICROSYSTEMS  INC . 1,10.24 

SYMBOL  TECHNOLOGIES  INC . 44 

TANGENT  SYSTEMS  INC . 43 

TATA  CONSULTANCY  SERVICES . 49 

TAXWARE . 21 

THE  BANK  OF  NEW  YORK  CO . 49 

THE  CONCOURS  GROUP . 46 

THE  PELORUS  GROUP . 32,33 

THE  SANS  INSTITUTE . 40 

THE  WORLD  BANK . 14 

TIM  BEATY  BUILDERS  INC . 43.44 

T-SYSTEMS  INC . 29 

U.S.  AIR  FORCE . 32 

U.S.  DEPARTMENT  OF  COMMERCE . 8 

U.S.  DEPARTMENT  OF  DEFENSE . 33,54 

U.S.  NAVY . 22 

UNISYS  CORP . 14,49 

UNIVERSITY  OF  NOTRE  DAME . 36 

VERISIGN  INC . 38 

VIBREN  TECHNOLOGIES  INC . 40 

VIEWSONIC  CORP . 43 

VISA  INTERNATIONAL  INC . 22 

VOCENT  SOLUTIONS  INC . 22 

W.W.  GRAINGER  INC . 52 

WAL-MART  STORES  INC . 21.54 

WI-FI  ALLIANCE . 6 

WILLIAM  L,  LYON  & 

ASSOCIATES  INC . 32.33 

WILMINGTON  TRUST  CO . 8 

WIND  RIVER  SYSTEMS  INC . 10 

YAHOO  INC . 36.49 

ZAPTHINK  LLC . 44 


ADVERTISER’S  INDEX 


Advanced  Micro  Devices  . 

www.amd.com 

.20,21.23 

American  Power  Conversion  . .17 

Autonomy  . ... — 

. . .11 

www.autonomy.com 

Brio . 

www.brlo.com 

Canon  . 

www.imagomnner.com 

. 47 

Computer  Associates  . . . . 
www.ca.cbm 

. 4 

Dell . 

www.deH.com 

. 15 

DLTtapeTechnology . 

320reasons.com 

....24/25* 

Fujitsu . 

www.net  cobol  .com 

. 42 

IBM  DBS . 

www.lbm.com 

. 64 

IBM  E-infraatructur*  . 

www.ibm.com 

. 50-51 

IBM  Lotus . 

www.lbm.com 

. 63 

IBM  x-Serl@3 . 

www.lbm.com 

. 39 

InterSystems  Corp . 

www.lntersystems.oom 

. 28 

Iomega . 

www.lome0a.com 

. . 37 

Microsoft  Abilities . 

www.microsoft.com 

. 26-27 

Microsoft  Agility  . 

www.mlcrosoft.com 

. 18-19 

Nokia . 

www.nokla.com 

. 2-3 

Nortel  Networks  . 

. 55 

www.nortelnetworks.com 

Oracle  Corp . 9 

www.oracle.com 

Premier  100  IT  Leaders  Conference41 

www.com  putorworid.com/plOO 

SAP . 45 

www.sap.com 

Storage  Netorking  World  Online  .  .48 
www.snwonllne.com 

Sybase . 34-35 

www.sybase.com 

Veritas . .31 

www.verltas.com 

*  Regional  Select  Edition 


Thta  Index  Is  provided  os  an  additions  service  The  pub 
Usher  does  not  assume  any  kabdrty  for  errors  or  omisswno. 


www.computerworld.com 


NEWS 


COMPUTERWORLD  November  4, 2002  81 


Continued  from  page  1 

On-Demand 


going  to  help  users  get  more 
value  out  of  their  assets  and 
will  transition  them  from  a 
pay-upfront  model  to  a  pay-as- 
you  go  model,  which  charac¬ 
terizes  any  mature  industry.” 

In  a  speech  outlining  his 
strategic  vision  for  IBM  over 
the  next  few  years,  Palmisano 
said  the  company  will  deliver 
the  building  blocks  for  this  on- 
demand  architecture.  Such  an 
architecture  could  be  hosted 
by  IBM  or  be  deployed  by 
companies  internally  with 
IBM’s  assistance,  he  said. 

IBM  has  created  an  org¬ 
anization  called  On-Demand 
that’s  focused  on  developing 
capabilities  in  this  area 
through  its  own  research  and 
development  and  through  ac¬ 
quisitions,  Palmisano  said. 

The  company  is  opening  four 
On-Demand  design  centers 
around  the  world  to  help  com¬ 
panies  test  the  concept  using 
IBM  Web  services,  Linux  and 
grid  computing  technologies, 
he  said. 

Driving  the  effort  is  growing 
user  angst  over  the  complexity 
of  managing  IT  networks  and 


Continued  from  page  1 

Economics 

pany  reported  earnings  of 
$1.7  billion  in  its  third  quarter, 
year-to-date  revenue  of  $57.5 
billion  is  more  than  5%  lower 
than  it  was  a  year  ago. 

IBM  blamed  the  decline  on 
the  slowdown  in  IT  spending 
caused  by  the  recession.  But 
growing  commoditization  in 
the  hardware  space  and  the 
vast  amounts  of  excess  capaci¬ 
ty  following  Y2k  remediation 
efforts  and  investments  in  dot¬ 
com  buildouts  are  also  squeez¬ 
ing  profits  and  new  revenue, 
analysts  said. 

“The  vendors  know  that  the 
Y2k  and  dot-com  buildouts 
are  not  going  to  happen  again,” 


the  gross  underutilization  of 
resources  that  current  ap¬ 
proaches  have  created,  Palm¬ 
isano  said.  “We  are  seeing  a 
fundamental  shift  that  is  irre¬ 
versible,”  he  said. 

On-demand  systems  like 
those  proposed  by  IBM  will 
lead  to  better  utilization  of 
computing  resources,  reduced 
complexity  and  lower  owner¬ 
ship  costs,  said  William  Siegle, 
CIO  at  Ace  INA  Holdings  Inc. 
in  Philadelphia. 

And  they  could  help  busi¬ 
nesses  drastically  reduce  the 
upfront  costs  for  technology, 
said  Mike  Prince,  CIO  at 
Burlington  Coat  Factory  Ware¬ 
house  Corp.  in  Burlington,  N.J. 
“There’s  always  been  an  ob¬ 
stacle  that  you  don’t  begin  to 
see  the  ROI  until  the  thing’s 
deployed,”  which  could  be 
six  or  nine  months  down  the 
road.  Prince  said. 

Business  Justification 

Other  IT  executives  aren’t  so 
sure  of  the  cost  benefits. 

Bob  Palmer,  vice  president 
of  IT  at  Lenox  Inc.  in  Law- 
renceville,  N.J.,  said  that  with 
hardware  becoming  increas¬ 
ingly  commoditized,  Lenox’s 
strategy  has  been  to  buy  an¬ 
other  ultracheap  server  when- 


said  Jonathan  Eunice,  an  ana¬ 
lyst  at  Illuminata  Inc.  in  Nash¬ 
ua,  N.H. 

Instead,  the  greater  short¬ 
term  opportunities  lie  in  help¬ 
ing  companies  make  better 
use  of  their  underutilized  ca¬ 
pacity,  he  said. 

IBM  is  therefore  adopting  a 
model  in  which  it  can  get  “re¬ 
curring  revenues”  from  deliv¬ 
ering  and  enabling  IT  as  a 
more  efficient,  utilitylike  ser¬ 
vice,  said  Sam  Albert,  an  inde¬ 
pendent  consultant  in  Scars- 
dale,  N.Y. 

Big  Blue’s  Edge 

Increasingly,  the  opportuni¬ 
ties  will  lie  not  in  providing 
hardware,  software  or  even 
traditional  IT  services,  but  in 
helping  companies  manage 


Key  Enablers 

Technologies  that  are  core  to  an 
on-demand  infrastructure  include 
the  following: 

■  Partitioning 

■  Grid  computing 

■  Virtualization  and  workload 
management  tools 

■  Services  provisioning  and 
policy  automation  software 

■  XML  and  the  Simple  Object 
Access  Protocol 


ever  it  needs  extra  capacity 
and  then  “run  it  into  the 
ground.” 

Utility-based  models  would 
have  to  be  cheaper  than  that 
approach  in  order  to  make 
sense,  Palmer  said.  In  addi¬ 
tion,  instead  of  server-level 
monitoring,  administrators 
would  have  to  do  more  com¬ 
plex  measuring  and  monitor¬ 
ing  of  processors,  disks  and 
memory,  which  raises  owner¬ 
ship  cost  issues,  he  noted. 

According  to  Palmisano, 
an  integral  element  of  on- 
demand  systems  will  be  their 
ability  to  largely  manage  and 
repair  themselves. 

Software  vendor  support  is 


entire  IT  infrastructures 
more  cost-effectively,  said 
Ted  Schadler,  an  analyst  at 
Forrester  Research  Inc.  in 
Cambridge,  Mass. 

Though  rivals  such  as  Hew¬ 
lett-Packard  Co.  and  Sun  Mi¬ 
crosystems  Inc.  are  also  being 
driven  to  the  same  market  for 
the  same  reasons,  IBM  is  in  a 
better  position  to  execute  the 
strategy,  Schadler  said. 

The  company’s  vast  tech¬ 
nology  portfolio,  global  ser¬ 
vices  capabilities  and  business 
consulting  skills  acquired 
through  its  $3.5  billion  pur¬ 
chase  of  PwC  Consulting  give 
it  an  important  edge,  he  said. 

“IBM  is  also  the  only  com¬ 
pany  that  can  take  the  capital 
risk”  involved  in  delivering  on 
the  strategy,  Schadler  said.  > 


also  crucial,  Palmer  said. 

“I  would  not  entertain  this 
idea  unless  the  software  ven¬ 
dors  we  use  support  it,”  he 
said.  “Right  now  I  have  nu¬ 
merous  vendors  who  highly 
recommend  that  their  soft¬ 
ware  runs  on  dedicated  envi¬ 
ronments,  and  some  won’t 
even  support  their  software  if 
we  run  it  in  conjunction  with 
certain  other  software.” 

Missing  Pieces 

Another  concern  is  that  many 
of  the  pieces  that  are  needed 
to  make  the  utility  model 
work  are  still  lacking,  said 
David  Rymal,  director  of 
technology  at  Everett,  Wash.- 
based  Providence  Health 
System. 

For  instance,  software  that 
allows  for  the  dynamic  alloca¬ 
tion  of  computing  resources  to 
different  applications  isn’t  ful¬ 
ly  mature,  he  said. 

And  “IT  funding  models 
will  also  have  to  change  radi¬ 
cally”  before  IT  can  be  served 
up  as  a  utility,  Rymal  said. 
Providence,  for  example,  buys 
all  of  its  computing  resources, 
so  IT  is  a  capital  expenditure 
for  the  organization.  Moving 
to  an  on-demand  model  would 
require  a  change  in  approach, 
he  explained. 

On-demand  models  are  “an 
oversimplification  from  a 
100,000-foot  view  of  what  it 
takes  to  make  IT  work  inside 
companies,”  said  Jim  Prevo, 

CIO  at  Green  Mountain  Coffee 
Roasters  Inc.  in  Waterbury,  Vt. 

In  any  case,  the  concept  of 
on-demand  IT  services  is  cer¬ 
tainly  not  new. 

For  years  users  have  been 
taking  advantage  of  storage- 
area  networks  and  technolo- 


I  would 
not  entertain 
this  idea  unless  the 
software  vendors 
we  use  support  it. 


BOB  PALMER,  VICE  PRESIDENT 
OF  IT.  LENOX  INC. 


gies  such  as  server  partition¬ 
ing.  grid  computing  and  virtu¬ 
alization  software  to  do  the 
sort  of  resource  sharing  prom¬ 
ised  in  the  on-demand  world. 

IBM’s  own  “autonomic” 
computing  technologies,  its 
grid  computers  and  its  eLiza 
initiative  to  build  self-healing, 
self-managing  hardware  and 
software  are  already  being 
used  to  deliver  some  of  the 
capabilities  promised  by  on- 
demand  systems.  The  chal¬ 
lenge  now  is  to  merge  these 
technologies  into  a  single 
architecture  encompassing 
hardware,  software,  network 
systems  and  middleware. 

Meanwhile,  vendors  such  as 
Hewlett-Packard  Co.  and  Sun 
Microsystems  Inc.  have  been 
touting  the  concept  as  well. 

Sun,  for  instance,  recently 
announced  a  project  called 
N1  under  which  it’s  develop¬ 
ing  technologies  that  will  al¬ 
low  companies  to  pool  data 
center  resources  such  as 
servers,  storage  systems  and 
networks  and  operate  them  as 
a  single  entity. 

“At  a  broad  level,  we  consid¬ 
er  the  IBM  announcement  as 
an  endorsement  of  a  vision  we 
have  been  executing  on”  for 
years,  said  Shahin  Kahn,  a  di¬ 
rector  at  Sun. 

HP  sells  a  technology  called 
Utility  Data  Center  that  allows 
companies  to  trade  and  share 
data  center  resources  for  run¬ 
ning  multiple  applications.  The 
company  also  offers  a  utility¬ 
like  option  in  which  users  can 
pay  for  IT  resources  on  a  usage 
basis.  And  the  option  for  capac¬ 
ity  upgrades  on  demand  that’s 
available  on  HP’s  high-end 
Superdome  Unix  servers  lets 
users  turn  on  additional  proc¬ 
essor  capacity  when  needed 
and  switch  it  off  when  it’s  not. 

“It  lends  a  lot  more  credibil¬ 
ity  to  our  efforts  when  our 
competition  talks  about  the 
same  thing  we  have  talked 
about  for  years,”  said  Nick  van 
der  Zweep,  a  director  at  HP.  & 


Reporter  Todd  Weiss  con¬ 
tributed  to  this  report. 
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(Too)  Easy  Access 

ON  THURSDAY  AFTERNOON,  Oct.  24,  Swedish  soft¬ 
ware  vendor  Intentia  International  AB  uploaded  its 
financial  results  to  its  Web  server  more  than  an  hour 
before  the  company  was  scheduled  to  announce  them 
officially.  Minutes  later,  the  Reuters  news  service 
found  the  information  there  and  broke  the  news  immediately  — 
sending  Intentia  executives  scrambling  to  release  it  themselves.  Last 
Monday,  Intentia  filed  a  criminal  complaint  with  the  Swedish  police, 
accusing  Reuters  of  breaking  into  its  Web  server. 

And  how  did  Reuters  hack  into  Intentia’s  financial  data?  By  typing 
a  URL  into  a  Web  browser. 


Yep,  that’s  it.  Intentia  initially  claimed  the  fi¬ 
nancial  results  were  protected  with  a  40-char¬ 
acter  password.  But  after  Reuters  denied  using 
any  passwords  to  get  the  data,  Intentia  changed 
its  story,  saying  just  that  the  financial  results 
were  in  a  “private”  area  of  the  Web  server  and 
there  was  no  official  link  to  them. 

In  other  words,  the  financial  results  —  which 
by  law  weren’t  supposed  to  be  made  available 
on  the  Internet  before  they  were  also  released 
to  the  Swedish  stock  exchange  and  newspapers 
—  weren’t  actually  protected  at  all.  The  Reuters 
“break-in”  consisted  of  guessing  the  right  file 
name,  based  on  announcements  of  previous 
Intentia  results. 

And  anyone  could  have  made  the  same  guess. 

OK,  if  you’re  in  a  corporate  IT  shop,  you’re 
probably  rolling  your  eyes  right  about  now.  You 
know  Intentia  shouldn’t  have  left  confidential 
information  unprotected.  You  can  probably 
even  recite  the  ways  it  could  easily  have  been 
kept  secure.  For  example,  by  keeping  it  on  the 
Web  server  in  encrypted  form,  and  only  de¬ 
crypting  it  at  the  last  minute.  Or  by  giving  it  a 
highly  random,  hard-to-guess  file 
name  that  would  only  be  changed  to 
a  conventional  name  at  the  last 
minute.  Or  by  using  file  permissions 
to  prevent  the  file  from  being  ac¬ 
cessed,  and  changing  them  only  at 
the  last  minute. 

Then  again,  the  easiest  way  to 
protect  that  information  would  have 
been  simply  to  not  upload  it  to  the 
Web  server  until  the  last  minute. 

Because  if  it’s  not  on  the  server,  it 
can’t  be  on  the  Web. 

Seems  obvious,  doesn’t  it?  But  it 
wasn’t  obvious  to  the  investor-rela¬ 


tions  people  at  Intentia  —  a  company  that  sells 
“e-collaboration”  software  and  plans  to  get  into 
Web  services,  so  you’d  think  its  employees 
would  have  a  handle  on  this  newfangled  Inter¬ 
net  stuff. 

Nor  is  it  obvious  to  plenty  of  other  users  who 
really  do  have  the  idea  that  as  long  as  there’s  no 
official  link  to  it,  information  on  a  Web  server  is 
safe.  So  they  trust  the  Web  server  as  a  staging 
area,  or  a  test  bed,  or  a  convenient  place  to  put 
presentations  and  demonstrations,  some  of 
which  contain  proprietary  or  confidential  infor¬ 
mation.  And  they  put  that  information  up  long 
before  it’s  required  —  and  leave  it  there  long 
after  it’s  no  longer  needed. 

Want  to  do  them  —  and  yourself  —  a  favor? 
Scan  your  company’s  Web  servers.  Find  the 
files  that  aren’t  linked  to  your  public  Web  site. 
Then  track  down  their  owners  and  remind 
them  that  whatever  they  put  on  a  Web  server  is 
accessible  to  anyone  on  the  Internet. 

Point  out  that  if  someone  on  the  Internet  can 
guess  the  URL  of  a  piece  of  business  informa¬ 
tion,  even  if  it’s  not  linked,  it’s  not  safe.  And 

that’s  true  whether  the  information 
is  financial  data,  marketing  plans 
or  personnel  records,  and  whether 
the  guesser  is  a  reporter,  an  em¬ 
ployee,  an  investor  or  a  competitor. 

And  if  they  think  it  can’t  happen 
to  them,  tell  them  about  Intentia. 
And  remind  them  that  your  CEO 
probably  isn’t  desperate  enough  to 
call  the  cops  if  proprietary  infor¬ 
mation  leaks  out  by  way  of  unnec¬ 
essary,  unlinked  files  on  your  com¬ 
pany’s  Web  servers. 

But  he’ll  probably  know  who’s 
guilty.  I 


frank  hayes,  Computer- 
world's  senior  news  colum¬ 
nist,  has  covered  IT  tor  more 
than  20  years.  Contact  him  at 

frank.hayes@computerwortd.com. 


Bite  Your  Tongue 

Clueless  user  gets  an  e-mail  vims  pretending  to  be 
from  sysadmin  pilot  fish,  with  the  message  “Please  try 
my  new  game."  He  clicks  to  open  it,  but  the  PC’s  anti- 
vims  software  blocks  it  and  tells  him  to  notify  sysad¬ 
min.  “I  eJgain  what  happened,  scan  the  computer 
and  tell  him  not  to  worry,  hiBBh  is  virus-free,"  says 
fish.  “So,”  asks  user,  “can  I  play  that  game  now?” 

What  a  _______ 

S  SHARK 

misuser  sri,  TJkfcll/ 
crashes  when-  (  ANilTfe 

ever  her  screen 
saver  kicks  in.  Sysadmin 
pilot  fish  turns  off  the 
screen  saver,  and  the 
crashes  stop.  But  a  few 
weeks  later,  user  com¬ 
plains  the  problem  has 
returned.  “Rats!  I  really 
thought  we  fixed  it  by 
turning  off  your  screen 
saver,”  says  fish.  “Well,  I 
turned  it  back  on  this 


the  factory 
to  the  parent 
company’s 
Internet  con¬ 
nection,  which 
:  won't  block  any  Web  ac- 
j  cess.  “Now  management 
]  wants  to  install  monitor- 
1  Ing  software  on  each 
j  PC,”  grumbles  fish.  “Of 
j  course,  they  also  want  to 
i  make  everyone  local  ad- 
|  ministrators  on  their  PCs 
i  -  which  means  they  can 
|  disable  any  software 
I  that’s  installed.” 


morning,”  user  admits. 

Fish:  ‘Try  turning  it  back  I  Ya  Think? 
off.”  User,  grumbling:  “I 
don’t  see  how  that  will 
fix  anything." 


Exactly 

Programmer  with  a  tess- 
than-sterling  reputation 
makes  small  changes  to 
a  report  -  after  which  it 
won’t  run,  no  matter 
what  he  does.  “So  he 
escalates  the  issue  to 
the  IT  developer  support 
organization  and  at¬ 
tempts  to  make  it  our 
problem,”  says  pilot  fish 
who  handles  the  call. 
“What’s  the  problem?” 
^^^^^Bsks  fish. 
“The  program  was  work¬ 
ing  before  I  fixed  it.” 

Now  Fix  the  Fix 
For  the  Fix 

This  company’s  filtering 
software  effectively 
blocks  improper  Web 
use  from  the  factory 
floor,  says  IT  pilot  fish  - 
until  a  restructuring  ties 


j  Prospective  employee 
\  is  interviewing  for  this 
j  company’s  Internet 
i  group.  “During  the 
I  course  of  the  interview, 

I  the  subject  of  the  Inter- 
I  net  came  up,”  says  pilot 
I  fish  who  sat  in  on  the 
j  session.  “The  intervie- 
|  wee  replied,  ‘That  Inter- 
!  net  thing  - 1  think  it 
I  might  catch  on.’ ” 

I  That  Might  Help 

j  Remote  user  calls  help 
I  desk:  She  gets  an  error 
j  message  whenever  she 
i  tries  to  access  an  in- 
i  house  estimating  sys- 
j  tern.  Problem  is  escalat- 
j  ed  to  developer  pilot 
j  fish,  and  he  tries  every- 
j  thing  he  can  think  of,  but 
i  nothing  works.  Finally, 
j  fish  suggests  that  user 
j  ship  her  PC  back  to  cen- 
\  tral  IT.  User’s  request: 

|  “While  you  have  my  ma- 
!  chine,  can  you  remove 
I  the  virus  that’s  on  it?” 


OFEED  THE  SHARK!  Send  your  true  tale  of  IT  life  to 
sharky@computerworld.com.  You  snag  a  snazzy 
Shark  shirt  if  we  use  it.  And  check  out  the  daily  feed,  browse 
the  Sharkives  and  sign  up  for  Shark  Tank  home  delivery  at 

computerworld.com/sharky. 


Lotus,  software 


1  ]  WIN  WITH  SPEED:  No  question  about  it.  Whether  it’s  on  a  PDA 
or  a  PC,  the  faster  your  workforce  can  exchange  ideas,  the  faster 
they  can  act  on  them. 

2]  WIN  WITH  LOTUS:  As  the  leader  in  business  instant  messaging, 
Lotus  Sametime”  helps  you  locate  and  communicate  with 
the  people  you  need,  instantly  and  securely.  Lotus.  Part  of  our 
software  portfolio  including  DB2,”Tivoli”and  WebSphere.” 

3]  MAKE  THE  PLAY:  Visit  ibm.com/lotus/team  for  a  Webcast 
on  instant  messaging  and  its  effects  on  speed  of  collaboration. 


(@  business  is  the  game.  Play  to  win. 


QUESTION 


ISjhJ 

Vlfl  ; 

HftfTi 

software 


NEW  DB2.  A  SELF-STARTER 

IN  THAT  SELF  MANAGING .1 


What  keeps  databases  in  game  shape?  DB2  v8,  the  most  advanced  self-managing 
database  across  Linux?  UNIX®  and  Windows®  Turbocharged  querying  and  tuning 
saves  time,  resources  and  pushes  productivity  skyward.  And,  no  matter  what  form 
your  data  is  in,  it  lets  you  access,  analyze  and  manage  it.  DB2.  It’s  part  of  the  software 
team  that  includes  Lotus? Tivoli®  and  WebSphere®  Learn  more  at  ibm.com/db2/new 


@  business  is  the  game.  Play  to  win? 


IBM,  DB2,  Lotus,  Tivoli,  WebSphere,  the  e-business  logo  and  e-business  is  the  game.  Play  to  win  are  registered  trademarks  or  trademarks  of  International  Business  Machines 
Corporation  in  the  United  States  andfor  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United 
States  andfor  other  countries.  Windows  is  a  registered  trademark  of  Microsoft  Corporation  in  the  United  States  andtor  other  countries.  ©2002  IBM  Corporation.  All  rights  reserved. 


